Video Screencast Help

Using PGP Universal Server to manage key pairs

Created: 10 Aug 2012 | 2 comments

Hi,

I'm currently looking into using PGP Universal Server

I'm currently looking into using PGP Universal Server in combination with PGP Command Line in order to encrypt files to send to some of our customers. Our customers already pay for a variety of services from us, and managment would like it if we could manage the generation of key pairs for this certificate encryption. I have been advised that this is possible via Universal Server. Our customers are on seperate sites and domains from our network, but are able to reach our network to run applications that we provide for them.I'm just wondering how this would work. If our customers had say PGP Command Line or Desktop on their end to decrypt the files we send (via an FTP site), how would the Universal Server interact with this? I understand that Universal Server can be set up in Server Key Managment mode so that it handles the keys. Would then then just be exported to the Customer? I just want a bit more info on how this would work before I send a proposal to managment.

 

Thanks

Comments 2 CommentsJump to latest comment

Alex_CST's picture

They would be connected via SOAP over HTTPS, so as long as your PGP UN is in the DMZ, which is where it should be, the machine running the PGPCL will be able to find it no problem.

You then tell the PGPCL where the keys are stored via the --usp-server command.

Have a look in https://www-secure.symantec.com/connect/security/forums/key-management for some scripts like securly transferring the keys if you create them at the PGPCL end

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

Mr.Anderson's picture

Thanks for the info!

What goes up, must come down. Ask any systems administrator. ~ Anonymous.