How to Use OpenPGP Encryption with NPrinting

    Encrypt reports using the OpenPGP algorithm. OpenPGP uses public key cryptography. Each recipient can be assigned a UserID which corresponds to their Public certificate. Download the Gpg4Win suite from www.gpg4win.org and install it. It will need to be installed on both the computer where the distributing installation of NPrinting is and all the computers of recipients who will need to receive encrypted reports. Gpg4Win is a free suite of applications that includes GnuPG and Kleopatra which allow you to:

    • Create and manage certificates
    • Encrypt and decrypt files and e-mail messages

    Creation of a certificate or key pair needs to be carried out on the computer for each recipient that you will need to send encrypted reports to. You then need to collect the public key from each of those recipients and import them with Kleopatra on the distributing installation of NPrinting. You must then activate encryption for the respective recipient in NPrinting. The public key will be used to encrypt the reports distributed by NPrinting to that recipient if encryption is activated.

       
       
           
             

    Create a New Certificate

                       
                Create-a-New-Certificate.png                   
             

    Open Kleopatra, a component of the suite, and:

    1. Click on File
    2. Click on New Certificate... or press Ctrl+N
           
           
           
             

    Choose Which Kind of Key Pair to Create

                       
                Choose-Which-Kind-of-Key-Pair-to-Create.png                   
             

    Select  Create a personal OpenPGP key pair unless there is a reason to prefer using the X.509 standard.

           
           
           
             

    Enter Your Details and Open Advanced Settings...

                       
                Enter-Your-Details-and-Open-Advanced-Settings.png                   
             
    1. Enter your Name
    2. Enter an EMail address
    3. Enter any information you would like to distinguish this certificate from others
    4. Click on Advanced Settings...
           
           
           
             

    Select Advanced Settings

                       
                Select-Advanced-Settings.png                   
             
    1. Vary encryption algorithm and the key length, establish a certificate expiration date, or set other parameters to suit your needs
    2. Click on OK.
           
           
           
             

    Pass to Next Wizard Step

                       
                Pass-to-Next-Wizard-Step.png                   
             

    Click on Next.

           
           
           
             

    Create Encryption Key

                       
                Create-Encryption-Key.png                   
             

    Click on Create Key

           
           
           
             

    Enter Some Gibberish and a Passphrase

                       
                Enter-Some-Gibberish-and-a-Passphrase.png                   
             
    1. Enter a series of random characters
    2. Enter a Passphrase
    3. Click on OK
           
           
           
             

    Conclude Certificate Creation

                       
                Conclude-Certificate-Creation.png                   
             

    Click on Finish.

           
           
           
             

    Export Certificates

                       
                Export-Certificates.png                   
             
    1. Select one or more certificates
    2. Click on the Export Certificates button
           
           
           
             

    Export Your Certificates to a Convenient Folder

                       
                Export-Your-Certificates-to-a-Convenient-Folder.png                   
             
    1. Browse to the folder where you want to keep your keys and enter an appropriate File name for the Key file
    2. Click on Save

    This file can now be sent as an attachment to e-mail.

    Once the distribution point for NPrinting report generation and distribution has received a public certificate/key, the key must be imported by Kleopatra

           
           
           
             

    Import Another User's Public Key

                       
                Import-Another-User-s-Public-Key.png                   
             

    When you receive Yet Another's Public Key, import it with Kleopatra by opening Kleopatra and clicking on Import Certificates.

           
           
           
             

    Select Certificate to Import

                       
                Select-Certificate-to-Import.png                   
             
    1. Browse to where you saved the certificate and select it
    2. Click on Open
           
           
           
             

    Conclude Certificate Import

                       
                Conclude-Certificate-Import.png                   
             

    Click on OK.

    Now encryption can be activated for the recipient, Yet Another, in NPrinting.

           
           
           
             

    Be Ware of Certificate

                       
                Be-Ware-of-Certificate.png                   
             

    When you use a public certificate that you have imported but not certified as authentic, this warning pops up. You can use the public key by answering 'y'es, but this warning will pop up every time you use this key until you certify it as authentic. The procedure for certifying the key follows.

           
           
           
             

    Begin Certification Process

                       
                Begin-Certification-Process.png                   
             
    1. Right click on the certificate(s) in the Imported Certificates window to bring up the contextual menu (you can select more than one)
    2. Select Certify Certificate
           
           
           
             

    Select Certificates to Be Certified

                       
                Select-Certificates-to-Be-Certified.png                   
             
    1. Select the user IDs that you desire to certify (there may be more than one)
    2. Put a check mark in the I have verified the fingerprint box by clicking on it
    3. Click on the Next button
           
           
           
             

    Make Your Certification Public or Keep It Private

                       
                Make-Your-Certification-Public-or-Keep-It-Private.png                   
             
    1. Select from among your certificates, if you have more than one, to sign with
    2. Select whether to make your certification private or public
    3. Click on the Certify button
           
           
           
             

    Enter Secret Key Passphrase

                       
                Enter-Secret-Key-Passphrase.png                   
             
    1. Enter the Passphrase set when creating the secret/public key
    2. Click on the OK button
           
           
           
             

    Take Note

                       
                Take-Note.png                   
             

    Click on the Continue button.

           
           
           
             

    Take Note Again

                       
                Take-Note-Again.png                   
             

    Click on the Continue button.

           
           
           
             

    Rejoice in Success

                       
                Rejoice-in-Success.png                   
             

    Click on the OK button.

           
           
           
             

    Note, Rejoice, and Finish

                       
                Note--Rejoice--and-Finish.png                   
             

    Click on the Finish button.

           
           
           
             

    Look for Certified Key under Trusted Certificates

                       
                Look-for-Certified-Key-under-Trusted-Certificates.png                   
             

    When you click on the Lookup Certificates on Server button, the certified certificate will be under the Trusted Certificates tab

           
           
           
             

    Open Yet Another Recipient

                       
                Open-Yet-Another-Recipient.png                   
             

    Open an NPrinting file in NPrinting if one is not already open.

    1. Select Recipients in the lower left pane of NPrinting
    2. Select Recipients in the upper left pane
    3. Find Yet Another in the recipient list and double click on the item
           
           
           
             

    Activate Encryption for User Yet Another

                       
                Activate-Encryption-for-User-Yet-Another.png                   
             
    1. Enter a check mark in the Enable Encryption box by clicking on it
    2. Enter the Name for the certificate from Kleopatra in the User Id field
           
           
           
             

    Conclude Enabling Encryption

                       
                Conclude-Enabling-Encryption.png                   
             

    Click on Save and Close

    From now on, all reports distributed from this installation of NPrinting to recipient Yet Another will be encrypted. If encryption becomes unnecessary, reopen Yet Another's recipient file and uncheck the Enable Encryption box by clicking on it. If some encrypted and other unencrypted reports need to be distributed to Yet Another, then two Yet Another accounts will need to be created, e.g. Yet Another encrypted and Yet Another unencrypted.

           
           
           
             

    Get Practical Experience

             

    Run a task that sends an encrypted report to Yet Another and continue on.

           
           
           
             

    Decrypt an Encrypted Report

                       
                Decrypt-an-Encrypted-Report.png                   
             
    1. Right click on the encrypted report file identifiable by the .gpg extension
    2. Click on Decrypt and verify
           
           
           
             

    Unlock Secret Key

                       
                Unlock-Secret-Key.png                   
             
    1. Enter the passphrase you chose when creating the certificate
    2. Click on OK
           
           
           
             

    Set Parameters for Decrypting and Verifying

                       
                Set-Parameters-for-Decrypting-and-Verifying.png                   
             
    1. Check and modify decryption and verification parameters
    2. Check and modify Output parameters
    3. Click on Decrypt/Verify
           
           
           
             

    Notification of Operation Results

                       
                Notification-of-Operation-Results.png                   
             

    Successful operation, click on OK.

           
           
           
             

    Verify Decrypted Report

                       
                Verify-Decrypted-Report.png                   
             

    Now there are two copies of the Report, one encrypted and one not.