[SalesForce] PGP Encryption Marketing Cloud File Transfer

I'm not sure which PGP public key you are using. You can use a public key to encrypt a PGP file, but you can't use a public key alone to decrypt a PGP file as this will require the corresponding private key (unless you are using the ExactTarget public key).

I believe it is possible to use your own PGP public/private key combination with Safehouse, but you will need to open a support case to have this configured. I've never done this though. My advice would be to encrypt the PGP file using the ExactTarget PGP public key (if you are not doing so already) which you can download here.

Here are the two steps that should appear in your Automation.

1. File Transfer Activity

• Set Transfer Type as 'Download'
• Set the File location to where the file is transferred to
• Set File naming pattern to %%FILENAME_FROM_TRIGGER%%
• Enable 'File is encrypted' in Transfer Settings
• Configure other settings as you normally would

2. Import Activity

• Set file location to 'Safehouse'
• Set filenaming pattern to %%BASEFILENAME_FROM_TRIGGER%%.csv (change 'csv' to match the file extension of the decrypted file)
• Configure other settings as you normally would

Safehouse

The Safehouse file location is not created by default. If you do not have this in Email app > Admin > Data Management > File Locations, create one named 'Safehouse' and set the Location Type to 'Safehouse'.

Note that I've configured a couple of different accounts recently where importing decrypted PGP files fail. If the automation fails on the import activity as it can't find the decrypted file in Safehouse, then you will need to open a support case to have this configured.

No. It is still possible to encrypt data coming from SFMC data extensions even if decrypted on import.

The process from import to export is:

Import:

1. File is dropped with PGP encryption to FTP
2. File transfer to decrypt and send to safehouse
3. import activity aiming at file in safehouse

This will decrypt your data and store it unencrypted in SFMC. From there, you have 2 choices on encrypting and exporting your information.

Export manually:

1. Go to the 'records' section of your desired Data Extension
2. Select 'Export' option
3. Check the 'encrypt file' option under 'Export Options'

This is a simple usage and is great for 'one off' needs, but is not available for automation.

Export via Data Extract Activity and File Transfer:

1. Create a data extract activity aimed at your DE. (this will create an unencrypted file that lives in your safehouse)
2. Create a File Transfer activity that utilizes the 'Move file from safehouse' option
3. write in the file naming that you had from data extract and then select 'Encrypt file'
4. Here you will be able to select PGP or GPG encrypt

This will then let you take the file, encrypt it in PGP or GPG and then place it on your FTP. Using Data Extract and File Transfer allows you to place these in an automation for scheduled or trigger based usage.

If you really want to, you can also remove the UI completely and create the Data Extract, File Transfer and automation via the API.