SAP Knowledge Base Article - Public

2361997 - Information on PGP Encryption for SuccessFactors Learning Connectors

Symptom

This KB article provides supplemental information regarding PGP encryption for LMS Connectors

Environment

SAP SuccessFactors Learning

Resolution

SuccessFactors Learning Connectors & PGP Encryption

LMS connectors have the ability to process PGP encrypted input files. PGP stands for Pretty Good Privacy, and is a widely used encryption program that encrypts and decrypt files. PGP uses a variation of the public key (PK) system where each user has a publicly known encryption key and a private key known only to that user. The message is encrypted using the Public key shared between the two users and the receiver uses the private key (known only to the user) to decrypt the message.

Connector Configuration

  • Once input files are encrypted and ready for connector processing, the following properties need to be configured via LMS Admin > System Administration > Configuration > System Configuration > CONNECTORS

# PGP setup for decryption of input files

connector.pgp.enabled=
connector.pgp.public.keyring=
connector.pgp.secret.keyring=
connector.pgp.passphrase=
connector.pgp.file.extension=.pgp

  • After the configuration is updated, proceed with uploading the files to the configured FTP location and run the connectors.

Note: The connector.pgp.secret.keyring and connector.pgp.passphrase values are encrypted by LMS when the configuration gets saved, hence the values displayed after the update will not match with the original.

FAQs

Can the keys be reused?
  • Yes, if the corresponding public key, secret key and passphrase are available.
Is it possible to continue processing regular files (without encryption) after enabling the PGP encryption?
  • Yes, if the connector does not find the .pgp file, it will default to the other .txt, .csv, or .zip file extensions.

Other Notes:

  • If error: "Could not close the input stream for file <Filename>" Or "Pipe Closed" is seen during implementation, This is a issue with the provided public key, secert key or passphrase" Please make sure to reach out to your implementation partner on this issue. 
  • All public and secret should be base64 UTF-8 unix encoded (If there is a option between Unix and Windows choose Unix) no prepending or appending to the key needs to be done when making base 64 encoding.
  • Passphrase does not need to be encoded. 

IMPORTANT: PGP encryption implementation is not within the scope of Product Support. Please contact your Implementation Partner for assistance or your CSM/CEE/Account Executive to request SAP Professional Services.

Keywords

sf, success factors, LMS, pgp encryption, connector encryption, decrypting , KBA , LOD-SF-LMS-CON , Connectors , How To

Product

SAP SuccessFactors Learning all versions