Symptom
This KB article provides supplemental information regarding PGP encryption for SAP SuccessFactors Learning Connectors.
Environment
SAP SuccessFactors Learning
Resolution
SuccessFactors Learning Connectors & PGP Encryption
LMS connectors have the ability to process PGP encrypted input files. PGP stands for Pretty Good Privacy, and is a widely used encryption program that encrypts and decrypt files. PGP uses a variation of the public key (PK) system where each user has a publicly known encryption key and a private key known only to that user. The message is encrypted using the Public key shared between the two users and the receiver uses the private key (known only to the user) to decrypt the message.
Connector Configuration
- Once input files are encrypted and ready for connector processing, the following properties need to be configured via LMS Admin > System Administration > Configuration > System Configuration > CONNECTORS
# PGP setup for decryption of input files
connector.pgp.enabled=
connector.pgp.public.keyring=
connector.pgp.secret.keyring=
connector.pgp.passphrase=
connector.pgp.file.extension=.pgp
- After the configuration is updated, proceed with uploading the files to the configured FTP location and run the connectors.
Note: The connector.pgp.secret.keyring and connector.pgp.passphrase values are encrypted by LMS when the configuration gets saved, hence the values displayed after the update will not match with the original.
FAQs
-
Yes, if the corresponding public key, secret key and passphrase are available.
-
Yes, if the connector does not find the .pgp file, it will default to the other .txt, .csv, or .zip file extensions.
Other Notes:
-
Please see Configuring the Connector FTP Site.
-
If error: "Could not close the input stream for file <Filename>" Or "Pipe Closed" is seen during implementation, This is a issue with the provided public key, secret key or passphrase" Please make sure to reach out to your implementation partner on this issue.
-
All public and secret should be base64 UTF-8 unix encoded (If there is a option between Unix and Windows choose Unix) no prepending or appending to the key needs to be done when making base 64 encoding.
-
Passphrase does not need to be encoded.
IMPORTANT: PGP encryption implementation is not within the scope of Product Support. Please contact your Implementation Partner for assistance or your CSM/CEE/Account Executive to request SAP Professional Services.
See Also
Keywords
sf, success factors, LMS, pgp encryption, connector encryption, decrypting , KBA , LOD-SF-LMS-CON , Connectors , How To