Core → Crypt → PGP

PGP

Enables PGP support. When PGP support is enabled for signing and encrypting mail, it is HIGHLY recommended that the web server runs as the OTRS user. Otherwise, there will be problems with the privileges when accessing .gnupg folder.

This setting can not be deactivated.

Default value:

--- 0

PGP::Bin

Defines the path to PGP binary.

This setting is not active by default.

Default value:

--- /usr/bin/gpg

PGP::Key::Password

Sets the password for private PGP key.

This setting can not be deactivated.

Default value:

---
488A0B8F: SomePassword
D2DF79FA: SomePassword

PGP::Log

Configure your own log text for PGP.

This setting can not be deactivated.

Default value:

---
BADSIG: The PGP signature with the keyid has not been verified successfully.
ERRSIG: It was not possible to check the PGP signature, this may be caused by a missing
  public key or an unsupported algorithm.
EXPKEYSIG: The PGP signature was made by an expired key.
GOODSIG: Good PGP signature.
KEYREVOKED: The PGP signature was made by a revoked key, this could mean that the
  signature is forged.
NODATA: No valid OpenPGP data found.
NO_PUBKEY: No public key found.
REVKEYSIG: The PGP signature was made by a revoked key, this could mean that the signature
  is forged.
SIGEXPIRED: The PGP signature is expired.
SIG_ID: Signature data.
TRUST_UNDEFINED: This key is not certified with a trusted signature!
VALIDSIG: The PGP signature with the keyid is good.

PGP::Method

Sets the method PGP will use to sing and encrypt emails. Note Inline method is not compatible with RichText messages.

This setting can not be deactivated.

Default value:

--- Detached

PGP::Options

Sets the options for PGP binary.

This setting can not be deactivated.

Default value:

--- --homedir /opt/otrs/.gnupg/ --batch --no-tty --yes

PGP::Options::DigestPreference

Sets the preferred digest to be used for PGP binary.

Default value:

--- sha256

PGP::TrustedNetwork

Enable this if you trust in all your public and private pgp keys, even if they are not certified with a trusted signature.

Default value:

--- 0