How to create a PGP Private/Public key-pair to enable Bloomberg archiving in Enterprise Vault.cloud

How to create a PGP Private/Public key-pair to enable Bloomberg archiving in Enterprise Vault.cloud

Article: 100049580
Last Published: 2021-03-30
Ratings: 0 0
Product(s): Enterprise Vault.cloud

Description

Enterprise Vault.cloud (EV.c) archives Bloomberg data directly from the Bloomberg SFTP servers Root directory.  This data is encrypted and requires a decryption key in order to be archived successfully.  In order for decryption to occur a Private/Public keypair must be created, with the public key being uploaded to Bloomberg and the private being uploaded to EVC.

The following steps are from the Bloomberg SFTP Encryption Guide (written by Bloomberg support), but have been simplified and updated as this document contains additional non-relevant steps for EV.c.

Creating the keypair

    1. Download the latest version of GPG4Win   
    2. Run the GPG4Win installer. This will install Kleopatra and add new options to the Windows Right-Click menu
    3. Open Kleopatra
    4. Go to File > New Key Pair
    5. Select the option Create a personal OpenPGP key pair
    6. Type a Name/Email address (at least one is required to continue) and click Next
    7. Click Create
    8. Enter a passphrase for the keypair and clock OK
        NOTE: Be sure to write down/remember this passphrase is it will be needed later
    9. Click Make a backup of your keypair and save a local copy of the keypair for backup purposes
    10. Enter the passphrase for the keypair and click Ok
    11. Click Finish

Uploading the Private key to EV.c

    1. Open Kleopatra
    2. Right click on the new keypair that was created earlier
    3. Click Export Secret Keys
    4. Save the file locally, adding the extension manually to the filename
        NOTE: DO NOT save the key as "ASC".  EV.c only accepts .PGP, .CER, or .CRT extensions
    5. Login to Manage console with an administrator account
    6. Go to Archive Collectors > Bloomberg > Bloomberg Settings
    7. Enter in the following and click Save:
        - Firm Code
        - FTP Login
        - FTP Password
    8. On the Upload Encryption Key section, click Browse and Upload. Navigate to the private key that was exported in step 4
    9. Enter the passphrase that was set during the keypair creation
    10. Click Upload

Uploading the Public key to Bloomberg

    1. Open Kleopatra
    2. Right-click on the new keypair that was created earlier
    3. Click Export
    4. Save the file locally
    5. Login to Bloombergs CCNS<GO>
    6. Go to the Public Keys tab
    7. Click Add
    8. From the Key Type: drop-down, select Encryption
    9. Open the public key, that was exported in step 4, in any text editor (ie: notepad)
    10. Copy all of the contents of the public key and paste them into CCNS<GO>
        NOTE: Be sure to include the "-----BEGIN PGP PUBLIC KEY BLOCK-----" and "-----END PGP PUBLIC KEY BLOCK-----"  in the copied/pasted text
    11. Click Add
    12. Click Submit

Testing the decryption

    1. After 3 days, the new public key will be used to encrypt the data on the Bloomberg side
    2. Download the latest version of WinSCP
    3. Install and open WinSCP
    4. Use the following settings:
        - File Protocol: SFTP
        - Host Name: ftpcom.bloomberg.com
        - Port Number: 30206
        - User Name: <Users Bloomberg FTP username>
        - Password: <Users Bloomberg FTP password>
    5. Click Login
    6. Right click on a file and click Download (Filename example: f123456.msg.171231.xml.gpg)
    7. Once the file is downloaded, navigate to it in Windows Explorer
    8. Right click on the file and go to More GpgEX options > Decrypt
       NOTE: This step needs to be done on the same workstation/server where the keypair is installed in Kleopatra
    9. Click Decrypt/Verify
    10. If the decryption was successful, then the encryption and decryption keys are correct

Was this content helpful?