Pipeline Components Included with Link

Save unencrypted InterchangeIn and InterchangeOut to Additional files.Save unencrypted InterchangeIn and InterchangeOut to Additional files.

Pipeline components Included with Link

Promote a specific context property

Based on a condition a specific field will be promoted

Do up to 10 replacements of values in message.

Unzip a document

When using for instance the POP3 adapter a multipart message can be received and it’s probably only some of the parts we are interested in.

This can be used to add/remove xml namespace or prefixes.

This can be used to Zip documents

Q&A: If you get this error:

• The file name or path does not exist.

• The file is being used by another program.

• The workbook you are trying to save has the same name as a currently open workbook.

Try this:

For 64-bit (x64), create this folder:
C:\Windows\SysWOW64\config\systemprofile\Desktop

For 32-bit (x86), create this folder:
C:\Windows\System32\config\systemprofile\Desktop


We deliver a pipline component "EdiPortal.Common.PipelineComponents.PGPComponent.dll" that you have to drag into your own pipeline and configure the parameters. In below table you can see the list of parameters, which should be set differently whether you are receiving PGP encrypted documents or want to PGP encrypt documents before sending them.

LinkPGPComponent Pipeline Component properties

PropertiesExample/Possible ValuesComment
FunctionEncryptAndSign/DecryptAndVerifyIn a scenario where you want to send encrypted and signed documents use EncryptAndSign. In a scenario where ou want to receive a document, decrypt and verify signature, use DecryptAndVerify
OverwritealwaysPgpEncryptTrue/False???
Passphrase
The passphrase that was used when generating the Key. Leave blank if you are using the Certificate Manager
PgpKeyPlugin
If you are storing your Key's in a different system you can write your own plugin for fetching the Keys. Specify the FullyQualifiedAssemblyName of your plugin here. It needs to be GAC'ed on the Biztalk server(s).
PrivateKey
File path for the PrivateKey. Leave blank if you are using the Certificate Manager
PublicKey
File path for the PublicKey. Leave blank if you are using the Certificate Manager

Bouncy Castle dll, but it is incl in Link installation.

You have the following possiblities of how to configure this:


  1. You decrypt and verify signature of a message in the "Rcv_EdiPortalDocument" Pipline's "PreDisassemblePipeline" by creating your own pipeline and dragging our pgp pipeline component "EdiPortal.Common.PipelineComponents.PGPComponent.dll" into your pipeline and configure the pipeline components paramters acording to above documentation of the parameters. The "EdiPortal.Common.PipelineComponents.PGPComponent.dll" pipeline component needs to know the identify of the "Receiver Partner" to lookup the Private Key used for decryption and also needs to know the identify of the "Sender Partner" to lookup the Public Key and verify the signature, if the message is signed. The identity of the Sender Partner and Receiver Partner have to be configured using the "Rcv_EdiPortalDocument" Pipline's properties. E.g. ReceiverIdMacro, ReceiverIdQualifierMacro, SenderIdMacro and SenderIdQualifierMacro (other properties that will identify the "Sender Partner" and "Receiver Partner" can also be used).
  2. If you use the PrivateKey and PublicKey pipeline component properties listed in above table you don't have to know the identity of the "Sender Partner and "Receiver Partner" because it is specified directly where to find the Private Key and Public Key, but you will miss out on the advantages of storing the Keys in LINK's certificate manager.

PGPDecrypt.gif


Note: does verify signature work yet!? Confirm with Paw/David.

Saving unencrypted InterchangeIn and InterchangeOut to Additional files.

The reason why we need to backup extra files is that the Interchange File In will be encrypted, and you will not be able to see the Interchange File In its unencrypted state without the extra backup file.

Bouncy Castle dll, but it is incl in Link installation.

Uses your private key and passphrase to sign the message

Uses the recipient public key to encrypt the message.

It is possible to manage external certificates in LINK Certificate Manager if the certificates are stored somewhere else. This could be done for a number of reasons, for example security (e.g. stored on "cryptographic hardware") or because the certificates are used by other systems as well (stored centrally), etc. 

There is an API for keeping the metadata in LINK in sync, so that if a certificate is created, updated or deleted in the external system the metadata will be created, updated or deleted in LINK as well.

Read more about how the API works, here at PGP WebService Interface For Certificate Metadata: Klik

The metadata is available in LINK for multiple reasons listed below:

1) The metadata contains a reference to the external certificate so that it can be loaded and maintained by LINK.

2) Ability to notify administrators/users if a certificate is about to expire and no other certificate is configured to overlap it,

If you are managing your certificates outside LINK you need to do 2 things:

1) Create the meta data for the certificates through the API as described above.

2) Implement your own certificate plugin to load the external certificates which is described in more detail here: Loading External Certificates


Kleopatra for generating Key's.

You can use the tool called Kleopatra, to generate key pairs. 

Content on this page:

The information on this page is based on Link 2.10