With the Encryption connector, you can use commands in a chain to encrypt or decrypt files or plaintext using Pretty Good Privacy (PGP) keys or X.509 certificates.
Note: For PGP encryption, the connector supports Advanced Encryption Standard (AES)-128; for PGP decryption, AES-128, AES-256, CAST-128 (CAST5), and Triple Data Encryption Standard (3DES).
To set up the connector, you'll need:
- The PGP or X.509 public key file to use for encryption
- The public key's corresponding private key file for decryption
- The private key's password (if applicable)
Set up the Encryption connector
Note: To make the connector available for use in your organization's chains, an org security administrator first enables it from Configuration.
- From Chains, click Connections and Add Connection .
- Under BizApp Connection, select Encryption and the default CloudRunner.
- Under Basic Info, enter a unique name and description to help identify the connection.
- Under Resources, upload the public key and private key files.
- Under Properties, enter the connection's details:
Property Details PGP public key file To encrypt with a PGP key, enter the filename of the public key file uploaded under Resources. PGP private key file To decrypt PGP encryption, enter the filename of the private key file uploaded under Resources. PGP private key password Enter the password created with the PGP private key file, if applicable. If no password was created, leave blank. X509 public key file To encrypt with an X.509 certificate, enter the filename of the public key file uploaded under Resources. X509 private key file To decrypt X.509 encryption, enter the filename of the private key uploaded under Resources. X509 private key password Enter the password created with the X.509 private key file, if applicable. If no password was created, leave blank.
Note: All sensitive credentials are automatically encrypted and stored at AES-256 encryption.
- Select the environments to use the connection, and click Save.
- To test the connection, create and run a chain with the connector's Encrypt with PGP Key or Encrypt with X509 Certificate command, and verify it returns a valid output.
If encryption or decryption fails:
- Verify the public and private key files entered under Properties match the files uploaded under Resources.
- Check the password entered for the private key file, if applicable.