Creating PGP key pairs

Whenever you create a PGP key pair, you either generate a key pair that has a private key and a public key or upload your own public key.

About this task

To create a PGP key, refer to the procedure that follows.

Procedure

From the PGP key tab on the Keys and certificates list page, click New key to create a PGP key.
On the New PGP key window, enter a CTE business alias, which is your business account name.
Provide a name for your PGP key in the PGP key name field.
If you want to create a variant PGP key, or use a different PGP key in the CTE and production environments, select the Uses a different PGP key in CTE and production checkbox.

Tip: If you select this checkbox and create a variant PGP key, the key appears in the PGP key tab on the Keys and certificates list page with a flag icon.
In the Key expires in field, input a value and select the duration from the drop-down. For more information, see PGP key expiration.
Generate a new key pair after you are past the expiration date for the key. The key expiration feature is only implemented in the user interface (UI), and does not impact how the key is handled in the backend of the application.
If you set your PGP key to expire between one and five years, you must acknowledge the security risk that is associated with setting longer expiration dates. Click Allow security risk and use the Description text field to share your reason.
Use the Would you like to make this key shareable section to select whether you want to share your PGP key. If you select Exclusive, you cannot share your PGP key details with your trading partners. If you select Shareable, you can share your PGP key.
If you select the Shareable option, you cannot use the generated flow to have IBM generate a PGP key for you.
If you are uploading your own PGP key, select the Upload my PGP public key option. Or select Have IBM generate a key for me if you want the key to be system generated.
- If you select the Upload my PGP public key option, and are creating a variant PGP key, see Uploading my own PGP public key of the variant type.
- If you select the Upload my PGP public key option, and are creating a nonvariant PGP key, see Uploading my own PGP public key of the nonvariant type.
- If you select the Have IBM generate a key for me option and are creating a variant PGP key, see System-generated PGP key of the variant type.
- If you select the Have IBM generate a key for me option, and are creating a nonvariant PGP key, see System-generated PGP key of the nonvariant type.
Input your comments in PGP key description (Optional). This field can contain up to 250 characters. You can input only ASCII characters.
Click Create PGP key.

What to do next

If you are deploying a variant PGP key, see Deploying variant PGP keys. Alternatively, if you are deploying a nonvariant PGP key, see Deploying nonvariant PGP keys.