Topic

How to generate a file encryption key for SFTP uploads for a new connection or when your encryption key is about to expire.

Description

Your contact and asset SFTP upload files may be encrypted using a file encryption key. By default, the encryption key for both contact upload files and asset upload files is downloaded as a GPG file. Typically a GPG key is compatible with both PGP and GPG encrypted files. However, this is only true for contact upload files. Contact upload files formatted as either GPG or PGP files may be uploaded to the portal.  Asset upload files may only be encrypted in GPG format before uploading to the portal.

A file encryption key needs to be generated:

• The first time you use file encryption, or
• When your file encryption key expires - The encryption key used to encrypt the CSV upload file that is sent to Everbridge via SFTP and downloaded from the Everbridge manager portal will expire after three years.

These steps are for generating a new key for the first time or for generating a new key after your current key is about to expire. 

In order to generate a new encryption key, an Account or Organization Admin can follow the steps below:      

1. Log in to the Manager Portal: 

• If you are managing contacts at the account level go to Settings > Security > Secure FTP.
• If you are managing contacts at the organization level, go to Settings > Organization > Contacts/Assets > Upload Options.

The example in the screenshot below is from an organization:
 

2. Under File Encryption, select Generate a New Key. NOTE: Encryption Status must be set to On in order for this option to appear. 
3. A pop-up will display the following message:

Once a new key is generated, your old key will no longer work. You will need to update your process with the new key.

4. Select Generate Key. Generating a new key will make the prior key invalid. If you were using the previous key you will need to remove the old key from your encryption application's keyring so that it is no longer being used.
5. Once the new key is generated, select Download.

If you need to download the SSH key for the SFTP connection, see knowledge article EBS: How to Generate a File Encryption Key for Contact and/or Asset SFTP Uploads.