Dear Team,
We are working on AFT on ctmv7.0.
We were trying to use the encrption and decryption facility of AFT.
We have created a new pgp tempalate and keys for encrytion and decrption.
we have got pgp application as well installed pgp applicaiton as well locally ont he agent.
Any one who had worked on it cud u pls share in some of views on how to manage the pgp encyption and decryption in control-m v7 using AFT.
Any help at the earliest is much appreciated...
Control-M AFT PGP Encrytion and Decryption
Control-M AFT PGP Encrytion and Decryption
Nagarajan M S
I am using free software GnuPG - The GNU Privacy Guard Version 1.4.10 as the base application to encrypt and decrypt. Need to install it on the server where you have the AFT agent. Import your pgp keys to the app along with your public key.
Then define the accounts in the PGP Templates Management in the Configurtation Manager by right clicking the CM (FILE_TRANS) type. Use the GnuPGP template and define an account. Example: PGP Executable Full Path = D:\Program Files (x86)\GNU\GnuPG\gpg.exe Exit Code = 0 Passphrase = yours Recipient = Yours@company.com Encyption Parameters & Decryption Parameters = don't change except for if you are decrypting both fields should be the same (-d --batch --passphrase $$PGP_PASSPHRASE$$ -o $$PGP_OUTPUT_FILE$$ $$PGP_INPUT_FILE$$) and for encypting (-e --batch -r $$PGP_RECIPIENT$$ -o $$PGP_OUTPUT_FILE$$ $$PGP_INPUT_FILE$$).
After you have completed go to the AFT job and on the FILE_TRANS tab select the Advanced button for the desired file transfer and modify the Commans tab by selecting Enable PGP encryption, select the Load button and chose your account, I don't select the Keep encrypted files as I can always rerun the job. Test it. You will probably have to play with it by reading the sysouts to determine what is wrong until you get it right.
I have been using this for around three years so if you need more help let me know.
Then define the accounts in the PGP Templates Management in the Configurtation Manager by right clicking the CM (FILE_TRANS) type. Use the GnuPGP template and define an account. Example: PGP Executable Full Path = D:\Program Files (x86)\GNU\GnuPG\gpg.exe Exit Code = 0 Passphrase = yours Recipient = Yours@company.com Encyption Parameters & Decryption Parameters = don't change except for if you are decrypting both fields should be the same (-d --batch --passphrase $$PGP_PASSPHRASE$$ -o $$PGP_OUTPUT_FILE$$ $$PGP_INPUT_FILE$$) and for encypting (-e --batch -r $$PGP_RECIPIENT$$ -o $$PGP_OUTPUT_FILE$$ $$PGP_INPUT_FILE$$).
After you have completed go to the AFT job and on the FILE_TRANS tab select the Advanced button for the desired file transfer and modify the Commans tab by selecting Enable PGP encryption, select the Load button and chose your account, I don't select the Keep encrypted files as I can always rerun the job. Test it. You will probably have to play with it by reading the sysouts to determine what is wrong until you get it right.
I have been using this for around three years so if you need more help let me know.