Install a PGP key pair for PGP-encrypted connections
Introduction
Some third parties require PGP signing and/or encryption of files sent to them and send back encrypted and/or signed files in return. This article explains how to generate and install a PGP key pair to be used with such connections.
Generate your key pair
In order to start using PGP encryption, you need to generate a key pair. If you already have a key pair from before, you can skip this section.
Install GPG (https://gnupg.org/).
Run the command:
gpg --full-generate-key
You are then asked a series of questions. Choose the options RSA with 4096 bits and set your desired expiration date. Ask the third party if the PGP key needs to have an expiration date.
Enter your user ID information and store this information for later use. Provide a secure passphrase to protect the key against unauthorised use.
Export your key pair
Check the ID of your newly generated key with:
gpg --list-secret-keys --keyid-format LONG
From the list of keys, copy the key ID that you would like to use. The key ID is shown on the row starting with sec, directly after the slash (/). For example, “sec 4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10]” means that the key ID is 3AA5C34371567BD2.
Export your private key:
gpg --export-secret-keys YOUR_ID_HERE > private.gpg
Export your public key:
gpg --export YOUR_ID_HERE > public.gpg
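Added example (not part of the original article): a shell helper that reads the listing printed by gpg --list-secret-keys --keyid-format LONG and prints only the IDs of secret keys that are RSA 4096 and not marked expired or revoked, so that the right value is used for YOUR_ID_HERE before exporting. The function names and the sample listing are constructed for illustration; only the first key ID comes from the article's example row.

```shell
#!/bin/sh
# Added example. Function names and SAMPLE_LISTING are constructed; only the
# first key ID is taken from the article's example row.

# Read a "gpg --list-secret-keys --keyid-format LONG" listing on stdin and
# print "<KEYID> <ALGO> <STATUS>" for every primary secret key ("sec" row).
# Accepts both row styles: "4096R/ID" (older GnuPG) and "rsa4096/ID" (2.1+).
list_sec_keys() {
    while read -r tag spec rest; do
        [ "$tag" = "sec" ] || continue   # skip uid/ssb/fingerprint rows
        algo=${spec%%/*}                 # part before the slash
        keyid=${spec#*/}                 # part after the slash = key ID
        case "$rest" in
            *"[expired:"*) status=expired ;;
            *"[revoked:"*) status=revoked ;;
            *)             status=ok ;;
        esac
        printf '%s %s %s\n' "$keyid" "$algo" "$status"
    done
}

# Print only the key IDs that match the article's choice (RSA, 4096 bits)
# and that gpg does not mark as expired or revoked.
usable_key_ids() {
    list_sec_keys | while read -r keyid algo status; do
        case "$algo" in
            4096R|rsa4096) ;;
            *) continue ;;
        esac
        if [ "$status" = ok ]; then printf '%s\n' "$keyid"; fi
    done
}

# Constructed sample listing (not real keys), mixing both row styles.
SAMPLE_LISTING='sec   4096R/3AA5C34371567BD2 2016-03-10 [expires: 2017-03-10]
uid                  Example User <user@example.com>
ssb   4096R/1111111111111111 2016-03-10

sec   rsa2048/AAAAAAAAAAAAAAAA 2020-01-01 [SC]
uid                 [ultimate] Small Key <small@example.com>

sec   rsa4096/BBBBBBBBBBBBBBBB 2019-05-01 [SC] [expired: 2021-05-01]
uid                 [ expired] Old Key <old@example.com>

sec   rsa4096/0123456789ABCDEF 2024-01-15 [SC] [expires: 2026-01-15]
uid                 [ultimate] New Key <new@example.com>'

# Real use: gpg --list-secret-keys --keyid-format LONG | usable_key_ids
printf '%s\n' "$SAMPLE_LISTING" | usable_key_ids
```
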
Upload your key pair to FA
Note
Changing these configurations requires the Bank and custody connections (BCC) role.
Go to Tools → Administer → Bank and custody connections → Upload keys.
Choose Bank and custody connection keys and click Choose file. Browse to your private key with the name private.gpg and click Upload. Repeat for public.gpg. Finally, click Confirm upload.
Now the key is uploaded and you can continue with configuring your desired connection.