Hi guys, in this article I want to share one more tip in CPI, that is PGP keys. First, kindly take a look diagram below
As you known in picture, all of thing which we need in scenario are
- Create key pair and save private key (A) by yourself and send public key to partner. Partner will encrypt data by public key and send to your system (CPI). CPI will use private key to decrypt data.
- Save public key (B) of partner in your system and use it to encrypt data which sent to system partner (B)
In SAP CPI, we will use PGP keys, PGP ENCRYPTOR, PGP DECRYPTOR to do this. OK let’s begin.
I. Create private key and public key
To do this, we will use software KLEOPATRA. you can download it over internet.
Click New Key Pair
Export public key
Export PGP private key
OK, public key and private key will be used in encryption and decryption data.
II. PGP Encryption
Scenario – Data plain text will sent by HTTPS adapter. In IFLOW, data will be encrypt by use component PGP ENCRYPTOR and send file XML to SFTP folder.
Step II – 1. Import PGP public key into PGP Keys
Step II-2. Design IFLOW with component PGP ENCRYPTOR
Step II-3. TEST by POSTMAN
III. PGP Decryption
Scenario – Receive data which encrypted before to IFLOW, use component PGP DECRYPTOR to decrypt data and send to backend
Step III-1. Import private key into PGP Keys.
Step III-2. Design IFLOW with component PGP DECRYPTOR
Step III-3. TEST by POSTMAN
This testing, kindly try by your self. Thanks.
IV. How to install many public key/private key in CPI
In PGP Keys of CPI, just allow add only one public key, if we add one more another public key, It will be overwrite. So, If we need add many public of many provider, how do we will do ?
The answer is very simple, we will add all public key into one file. And after that, add this file into CPI. This is steps
- Add all public key into file
- Add this file into CPI
With private key, we need make sure all key have to the same pass phrase. If not, we will receive error when import into CPI.
In this article, we worked together to understand and config PGP keys in SAP CPI. In fact, this configured will be a small part in big picture of data protection over un-secure network. Thanks for your reading and any advise, any discussion or any another blog about SAP CPI, SAP BTP… kindly leave your comment on this. I love CPI. Thanks