Skip to Content

Public/Private Key generation and PGP decryption for SFTP sender scenario

Hello,

Based on my understanding, the SFTP has options for Private key authentication. There were certain blogs which I referred for Public and Private key generation. The keys generation should be done by PI team or the SFTP admin team ? Will there be a change in procedure if either of them is creating (in the context of importing keys in PI NWA).

And Should we use the same keys for PGP decryption also or it will be a different key for decryption? Please share some helpful blogs for complete steps involved for PGP decryption using module parameters.

SAP PI version used is 7.11.

Thanks

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    Aug 17, 2017 at 11:02 AM

    Hey Vignesh,

    Hope you are doing good!

    Based on my understanding, the SFTP has options for Private key authentication. There were certain blogs which I referred for Public and Private key generation. The keys generation should be done by PI team or the SFTP admin team ? Will there be a change in procedure if either of them is creating (in the context of importing keys in PI NWA).

    Yes , it can generated by PI team or SFTP team , but irrespective of who provide this PI needs to have Private key and SFTP server needs to have the public key . When SFTP team provides the private key they usually wont provide the format which is supported by NWA ( PKCS12/PKCS8) so my suggestion use Puttykeygen generate a key pair provide the public key for SFTP server and use openssl to convert the private key in any one of the supported PI key format(PKCS12/PKCS8) , it is easy then it looks.

    And Should we use the same keys for PGP decryption also or it will be a different key for decryption?

    I believe this is an inbound interface (i.e PI picking file from SFTP server) if yes then you need to generate a separate PGP key pair note the SSH and PGP are totally different so they can't be used for same purpose .

    use this online tool igolder to generate key pair keep the private key with you and share the public key with third party , but do remember the password which you provide in that website while generating that key pair you need that one in module configuration check this blog for more details on PGP decryption.

    Br,

    Manoj

    Add comment
    10|10000 characters needed characters exceeded