These are the notes I received from our deployment person. I thought they might help someone else someday
<>
As good as the SFTP adapter is, I expected these PGP
pipeline components to be pretty slick. They are not.
What works:
1) Simple
passphrases – no spaces, no “special” characters.
2) Keyringfiles
in the “homedir” folder (wherever you care to specify that)
3) Keyring
file names cannot contain spaces.
4) Passphrase
has to be passed in PGPParams, but Keyrings should (if other than default
values) should be in the ‘Other’ field.
5) Multiple
elements may be passed in a line, but they have to be separated by %0d%0a
(carriage return/line feed)
6) Outbound
files require ‘recipient-userid=’ followed by either an email address
associated with the recipient’s key, or the embedded key name.
7) Inbound
just requires the secretkeyringfile and the passphrase (passphrase belongs in
PGPParams, keyringfile in ‘Other’
The largest failing in this
product is the lack of support for arbitrary passphrases. (though perhaps, if
we used SSO to store them, arbitrary passphrases would work OK – I don’t feel
like testing that just now.)
<>
No comments:
Post a Comment