Securing your ticket communication
Jens Bothe10. Dec 2013 | AdministrationBest PracticesConsulting
The practical examples presented in our technical blog (blog.otrs.com) and now in the expert category in our FAQ blog section serve as a source of ideas and documentation to show what is theoretically possible with OTRS in concrete scenarios or sometimes even for more exotic configurations. All configurations presented here were developed under laboratory conditions as a proof of concept.
We can only guarantee testing and implementation of these concepts to be error-free and productive if implemented in a workshop with one of our OTRS consultants. Without this, the responsibility lies with the customer himself. Please note that configurations from older OTRS versions may not work in the newer ones.
The actual discussion on possible unwanted readers of your mails shows the need to encrypt emails. OTRS has the possibility to sign and encrypt via S/MIME and PGP/GnuPG.
For enabling PGP only a few steps are needed. So this post shows how to setup PGP on your system.
Step 1 – Install GnPG
Step 2 – Create a key:
Enter the following command in your shell and follow the instructions
Step 3 – Export Key:
gpg --export -a > public.asc gpg --export-secret-key -a > private.asc
Step 4 – Activate PGP in sysconfig:
Step 5 – Upload Keys:
You have to upload the public and the private key. Please ensure that you are using the Key ID of the secret key within Crypt::PGP for assigning the password! You also should be sure that the .gnupg directory was created and is assigned to the webserver user (thats why it is suggested to run the webserver with the OTRS user!) You can also have a look at the documentation for more hints.
Step 6 – Upload Customer Public Keys:
For encryption of emails to customers and verifying signatures OTRS needs the public key of your customer users stored. They can be uploaded via Customer Interface or the customer management screen in agent interface.
Now we can send and receive signed and encrypted mails