Primeur Online Docs
Data Mover 1.20
Data Mover 1.20
  • πŸš€GETTING STARTED
    • What is Primeur Data Mover
    • Main features of Primeur Data Mover
    • Primeur Data Mover deployment
    • Navigate through Primeur Data Mover
  • πŸ“šINFRASTRUCTURE
    • STENG, clusters and servers
      • Adding a cluster and a STENG
      • Deleting a STENG
    • DMZ Gateways
      • Blocking users automatically at the DMZ level πŸš€
    • DMZ Clusters
      • Load balancing across active DMZ clusters for outbound file transfers πŸš€
  • πŸ‘₯Actors
    • Who are the actors
    • Create your first actor
    • Configure an actor πŸš€
      • Users Tab
      • Groups Tab
      • VFS Tab
      • File Resource Tab
      • Connection Contract Tab
      • Client Connections Tab
    • Search files by actor
    • Actor Lineage πŸš€
      • Aggregation of flows by protocol πŸš€
      • Lineage with connection contracts πŸš€
      • Lineage with input, mediation and output contracts πŸš€
      • Lineage with any contract type πŸš€
  • πŸ—„οΈVIRTUAL FILE SYSTEMS
    • Virtual File Systems (VFS) πŸš€
      • Creating a VFS πŸš€
      • Configuring a VFS
      • Adding Virtual Paths
      • Modifying and Deleting a VFS
    • Searching files in all VFS
    • Storage Classes πŸš€
      • Storage Class: SMB v3 or later versions πŸš€
      • Storage Class: Azure Blob Storage πŸš€
      • Storage Class: Amazon S3 πŸš€
      • Storage Class: Google Storage πŸš€
      • Storage Class: Local File System πŸš€
    • Retention Classes
  • πŸ“Contracts
    • What is a contract
    • Create your first contract
      • Create an Input Contract
        • Define the contract info
        • Associate the contract with the actor
        • Define the contract actions
        • Set the contract variables
      • Create a Mediation Contract
      • Create an Output Contract
      • Create a Connection Contract
        • Create a contract clause
        • Associate the VFS with file processing rules
        • File Processing Rules
    • Managing contracts πŸš€
    • File Resources
      • Creating File Resources
      • Navigating File Resources
      • How to use File Resources
  • 🧱Workflows
    • What is a workflow
    • Create your first workflow template
    • Trigger types
      • Trigger types for input contracts
      • Trigger types for mediation and output contracts
    • Service tasks
      • Standard service tasks
      • Triggerable service tasks πŸš€
      • Spazio selectors and filebox metadata management
      • Error management
    • Variables
      • Variables in workflows and contracts
      • Handling process variables
    • Workflow templates
      • System workflow templates
        • Workflow templates for input contracts
        • Workflow templates for mediation contracts
        • Workflow templates for output contracts
      • Custom workflow templates
        • Workflow template toolbar
        • Workflow template Shape repository panel
        • Workflow template working area
        • Workflow template BPMN-diagram panel
      • Error workflow templates
    • Editing workflow templates
    • DataFlow Instance Context (DFIC) πŸš€
  • πŸ›ΈTRANSPORT PROTOCOLS AND CONNECTORS
    • Data Mover client and server roles
    • Client Connections
      • Client Connection: FTP
      • Client Connection: FTPS
      • Client Connection: SFTP
      • Client Connection: HTTP
      • Client Connection: HTTPS
      • Client Connection: PESIT
      • Client Connection: SMB v3 or later versions
      • Client Connection: POP3 or IMAP
      • Client Connection: SMTP
      • Client Connection: PR4/PR4S
      • Client Connection: PR5
      • Client Connection: PR5S
      • Client Connection: HDFS
      • Client Connection: HDFSS
      • Client Connection: Amazon S3 πŸš€
      • Client Connection: Google Cloud Storage
        • Credentials
      • Client Connection: Azure Blob Storage
      • Client Connection: IBM Sterling Connect:Direct
      • Client Connections retry settings
    • Server Connections πŸš€
      • Server Connection: FTP
      • Server Connection: FTPS
      • Server Connection: SFTP
      • Server Connection: HTTP
      • Server Connection: HTTPS
      • Server Connection: PeSIT
      • Server Connection: PR4
      • Server Connection: PR5
      • Server Connection: PR5S πŸš€
      • Server Connection: IBM Sterling Connect:Direct
    • Protocol Connections Reference
    • Stopping all servers in one go
  • πŸ’»API
    • HTTP MFT Rest API
    • Job Manager APIs πŸš€
    • SFTP Server sessions APIs πŸš€
    • Audit Logs APIs πŸš€
  • πŸ”“Security
    • Identity and Access Management
    • Users & Groups
      • Setting the password policy
      • Creating Internal Users πŸš€
      • Creating Internal Groups
      • Creating External Users
      • Creating External Groups
    • Key Stores and Trust Stores
      • Key Store πŸš€
        • Creating a Key πŸš€
        • Creating a Certificate πŸš€
        • Importing a Key or a Certificate
        • Creating a Symmetric key
        • Examples
      • Trust Store πŸš€
        • Importing Keys πŸš€
        • Importing Certificates
      • Untrusted Cache πŸš€
      • Trusting Keys and Certificates
      • PGP Key Store and PGP Trust Store
        • PGP Key Store
        • Importing keys into the PGP Trust Store
    • ICAP
      • Configuring ICAP
      • Defining an ICAP rule
  • 🎧FILE EVENT LISTENER
    • What is the File Event Listener
    • Configuring File Event Listeners
      • Setting the File Event Listener Engine
      • Defining a contract for the File Event Listener
      • Setting events to be monitored πŸš€
    • RegEx Rules πŸš€
    • Monitoring File Event Listeners
  • πŸ‘‘FILE MANAGER
    • What is the File Manager
    • Logging into File Manager
    • Managing the File Manager πŸš€
      • The list of results
      • Creating new folders
      • Uploading files
      • Downloading files πŸš€
      • Searching for files and folders
      • Deleting files πŸš€
      • Bulk actions πŸš€
    • File Manager and VFS
    • Customizing File Manager externals
      • The configuration-wui.json file πŸš€
      • How to customize the Login window and the logo
      • How to customize the footer
      • How to configure the Upload with Metadata option
      • How to customize bulk actions πŸš€
  • πŸ§‘β€βš–οΈFILE ROUTING
    • What is File Routing πŸš€
    • Routing Rules
      • The Rules tab
      • The Categories tab
      • The Output tab
    • How to create a rule πŸš€
      • Add metadata πŸš€
      • Select ACTIONS
      • Select OUTPUTS
      • Policy for the selection of metadata rules
    • Configuration of the environment in Data One
      • Set up Storage Classes
      • Set up Retention Classes
      • Configure the Actor
      • Set up File Resources
    • Associate the Routing Rule with a Contract
    • Example
  • πŸ“©NOTIFICATION CHANNELS
    • What are Notification Channels
    • Configuring the default Email Notification Channel
    • Configuring a new Email Notification Channel
    • Trusting Certificates
    • Managing Templates
      • Data Watcher Macros
      • Contract Macros
      • ICAP Macros
      • Central Log Macros
      • Email Templates
      • Editing default templates
      • Loading a new template
  • πŸ’¬LOGS & AUDIT
    • Logs πŸš€
      • Logs options πŸš€
      • Troubleshooting error analysis in Logs
    • Audit Options πŸš€
      • Export audit logs πŸš€
      • List of Audit entity types πŸš€
      • Audit message codes πŸš€
    • Log Notifiers πŸš€
      • FEL message codes
  • πŸ•’MONITORING
    • Jobs
      • Details about Jobs πŸš€
      • jobman.sh CLI
    • Job Manager
    • Job Queues
      • Managing Job Queues
    • File Transfers
      • Ongoing
      • Finished
      • Reports
    • File Transfers Rules
      • Configuring Rules
  • 🧐HOW TO...
    • ... use different DNS names πŸš€
    • ... configure a Cron Expression
    • ... configure an application
    • ... customize the header
    • ... run searches in Data Watcher πŸš€
    • ... use Data Shaper graphs in Data Mover contracts
    • ... modify DMCFG and deploy it
    • ... tune Data One data retention
    • ... fine tune Data Mover
      • Email sender for the Notification Channel
  • πŸ—’οΈRELEASE NOTES
    • Data One 1.20.10
    • Data One 1.20.9
    • Data One 1.20.8
    • Data One 1.20.7
      • Data One 1.20.7.1
    • Data One 1.20.6
    • Data One 1.20.5
    • Data One 1.20.4
    • Data One 1.20.3
    • Data One 1.20.2
    • Data One 1.20.1
    • Data One 1.20.0
Powered by GitBook
On this page
  1. Security
  2. Key Stores and Trust Stores
  3. PGP Key Store and PGP Trust Store

PGP Key Store

PGP key pair generation is needed when you want to manage end-to-end PGP envelopes. Depending on the target operation to be performed (digital signature, encryption), you must select the appropriate key type.

To generate a new RSA public or private key pair, follow these steps:

  1. Click on Setup β†’ PGP Key Stores.

  2. In the Select a cluster drop-down list, select a cluster.

  3. Click the NEW button and fill in these fields:

Field
Description

USER IDS

Insert the user id.

VALIDITY IN DAYS

Insert the number of days the key must be available.

KEY LENGTH

Select the length of the key. Please note that a recommended β€˜key length’ should have key-length > subkey-length. Usually, 2048 is the recommended value for each asymmetrical algorithm in the list. Possible values: SIZE_1024 SIZE_2048 (default) SIZE_3072 SIZE_4096

TYPE

Select the type of key. Possible values: RSA_GENERAL RSA_SIGN RSA_DSA

You can import an existing private keyring by clicking the IMPORT button. You just need to select the file and enter the password.

A keyring can either be in an armor or binary format, and the system will automatically self-detect it.

Make sure you have the password configured during secret creation!

Clicking the 3-dot icon on the right of the entry, you can view the details, delete, export, or create a sub key for your key or certificate.

In a PGP environment, it is often useful to preserve the master private key and operate using a subkey, signed with the master key.

To generate a subkey, click the three-dot icon on the right of the master key and select the Create Sub Key option. In the PGP Key Store window, select the options:

Properties
Description

VALIDITY IN DAYS

Insert the number of days the key must be available

KEY LENGTH

Possible values: SIZE_1024 SIZE_2048 (default) SIZE_3072 SIZE_4096

TYPE

Select type. Possible values: RSA_GENERAL RSA_SIGN RSA_DSA RSA_ENCRYPT

Any Master/Sub-key combination is possible. Typically use:

  • RSA_GENERAL master β†’ RSA GENERAL sub-key

  • DSA master β†’ any ElGamal as sub-key

To export an existing private keyring, click the three-dot icon on the right of the master key and select the Export Key option.

In the PGP Key Store window, select the options:

  1. Export Format: a. PEM b. DER

  2. Password and confirm Password.

  3. Click Save.

PreviousPGP Key Store and PGP Trust StoreNextImporting keys into the PGP Trust Store

Last updated 21 days ago

To view which sub-key is associated with a master key press the button on the left:

πŸ”“