OpenPGP partner mailbox packaging reference

Note: Values you specify in the Encrypt Outbound, Decrypt Inbound, and certificate fields are shared between the OpenPGP and XML encryption configurations. You can specify these values once in either place to populate both configurations.

When using OpenPGP, if your trading partner has provided an OpenPGP public key, you can use the Certificate Manager to generate a Trusted CA Certificate from an OpenPGP key . See Certificate management and Generating trusted CA certificates from OpenPGP or SSH FTP keys. Similarly, if your trading partner requires an OpenPGP public key, you can use the Certificate Manager to export an OpenPGP key . See Certificate management and Exporting certificates.

Encrypt Outbound

Select this check box to enable fields related to encrypting outbound messages.

It is recommended that you enter both your trading partner's certificate and your user certificate as both might be necessary depending upon the options selected.

Values you specify in the Encrypt Outbound, Decrypt Inbound, and certificate fields are shared between the OpenPGP and XML encryption configurations. You can specify these values once in either place to populate both configurations.

Decrypt Inbound

Select this check box to enable fields related to decrypting inbound messages.

it is recommended that you enter both your trading partner's certificate and your user certificate as both might be necessary depending upon the options selected.

It is important to understand that the Encrypt Outbound, Decrypt Inbound, and certificate fields are shared between the two dialogs.

Encryption/Signature Verification

Certificate

Enabled when you select either the Encrypt Outbound or Decrypt Inbound check box.

Click Browse to navigate to and select the certificate you want to use. The Certificate field is populated with the path of the certificate you select.

If multiple recipients are required, you can use the SET command to specify multiple certificates using the ‘|’ (pipe) character. For example:

SET mailbox.PartnerPGPEncryptionCert=certs\companyA.cer  | certs\personB.cer | certs\trunk.cer | certs\companyC.p7b

Decryption/Signing

By default, the signing certificate you configured on the Certificates tab of the Local Listener panel is used to sign and decrypt your files. See Configuring certificates for Local Listener.

Override Local Listener Certificate: Enables fields where you specify a certificate to use instead of the one you configured for the Local Listener. See Configuring certificates for Local Listener.; If you override the default certificates, you must also exchange the certificates you specify here with your partner.
Exchange Certificates: Displays the Certificate Exchange dialog box, which allows you to send your certificates to your trading partner. See Exchanging certificates with your trading partner.; If you choose to schedule the PGP packaging certificate for future use, there is a field available, Allow Overlapping Key Usage, that lets you choose how certificates should be used when their schedules overlap. See Allowing overlapping signing/encryption keys.
Certificate Alias
Password: Click Browse to navigate to and select a certificate. Enter the Password for your certificate's private key.

Outbound Options

A file can be sent to the remote host with any combination of the following options available on the Advanced tab under Configure System Options. See Advanced system options for more information.

Encrypted: Encrypt using the PGP Encryption Algorithm property.
Signed: Sign using the PGP Hash Algorithm.
Encrypt to My Certificate: Allow My Certificate as well as Trading Partner’s Certificate to decrypt outbound encrypted files. The Encrypted box must be checked to enable and use this option.
Armored (Base 64): Armor (Base64 encode) the data. Base64 encoding converts binary data to printable ASCII characters.
Compressed: Compress using the PGP Compression Algorithm.

Inbound Security

Force Encryption
Force Signature: When you select Force Encryption or Force Signature, all inbound messages are checked for the required security level. An error is logged and the message is rejected if the message is not received according to the corresponding message security settings. If either setting is not selected (default), the message is not checked for conformance with that security setting.
Allow non-OpenPGP: Allows non-OpenPGP formatted data to be processed without generating OpenPGP related errors.