Encrypting, Exporting, and sending Highfive your SSL Certificate Bundle

Highfive customers on the Standard or Professional plan can setup a Custom Domain by sending Highfive your SSL Certificate Bundle. This will encrypt your information being transferred via PGP keys. If you're using Windows, macOS, or Linux, follow the installation process below. 

Windows Installation

  1. Download Gpg4win

Key Generation

  1. Start Kleopatra
  2. Click File > New Certificate
  3. Click Create a personal OpenPGP key pair
  4. Enter your full name or company name
    • Enter email address
  5. Click Advanced Settings
    • Select RSA and +RSA for key type
    • Use key size 4,096 bits for both
    • Double check Signing is check-marked under Certificate Usage
  6. Click Next to review the details of the key
  7. Click Create Key and enter secure passphrase

Encrypting a file

  1. Start Kleopatra
  2. Go to Settings > Configure Kleopatra
  3. Under Directory Services
    • Click New if "keys.gnupg.net" is not in the directory list already
  4. Click Apply, then OK
  5. Click Lookup Certificates on Server
  6. Search for 0x56720B40, then Import the found key
  7. Find the file to sign and encrypt in Windows Explorer
  8. Right-click on the file and choose Sign and encrypt
  9. Double check:
    • Sign and Encrypt (OpenPGP only) is selected
    • Text output (ASCII armor) is selected
  10. When prompted, "For whom do you want to encrypt?"
    • Choose Highfive Technologies, Inc. 
    • Click Add
  11. Click Next, choose the appropriate signing certificate
  12. Click Sign & Encrypt
  13. Enter your passphrase

Exporting your PGP public key

  1. Start Kleopatra
  2. Find the key to export (key used for signing)
  3. Right-click on the key and click Export Certificates...
  4. Choose a folder to save public key
  5. Click Save

macOS Installation

  1. Download GPG Tools

Key Generation

  1. Launch GPG Keychain
  2. Click New to generate a new key pair
  3. Enter your full name or company name
    • Enter email address
  4. Expand Advanced Options
    • Leave Comment field blank
    • Select RSA and RSA (default) for key type
    • Use key size 4,096 bits
  5. Enter a secure passphrase
  6. Click Generate Key
    • Wait until the key is generated

Encrypting a file

  1. Launch the macOS Terminal app
  2. Download the HighFive Public Key:
    • Run gpg --keyserver pgp.mit.edu --recv-key 56720B40
  3. Encrypt and sign the file:
    • Run gpg --local-user <KEY_ID> --output /path/to/file.gpg --armor --sign --encrypt --recipient security@highfive.com /path/to/file (Replace KEY_ID with the Key ID of the key you generated)

Exporting your PGP public key

  1. Launch the macOS Terminal app
  2. Export your PGP public key:
    • Run gpg --armor --output public_key.gpg --export <KEY_ID> (Replace <KEY_ID> with the Key ID or E-mail of the key you generated)

Linux (Ubuntu) Installation

  1. Open a terminal window
  2. Run sudo apt-get install gnupg

Key Generation

  1. Open a terminal window
  2. Run gpg --gen-key and answer the questions
    • Select RSA and +RSA for key type
    • Use key size 4096 bits for both
    • Enter full name or company name

Encrypting a file

  1. Open a terminal window
  2. Download the HighFive Public Key:
    • Run gpg --keyserver pgp.mit.edu --recv-key 56720B40
  3. Encrypt and sign the file:
    • Run gpg --local-user <KEY_ID> --output /path/to/file.gpg --armor --sign --encrypt --recipient security@highfive.com /path/to/file (Replace KEY_ID with the Key ID of the key you generated)

Exporting your PGP public key

  1. Open a terminal window
  2. Export your PGP public key:
    • Run gpg --armor --output public_key.gpg --export <KEY_ID> (Replace <KEY_ID> with the Key ID or E-mail of the key you generated)

 

Have more questions? Submit a request

Comments

Powered by Zendesk