Revision as of 10:03, February 9, 2020 by Mlevy (talk | contribs) (Created page with "=Optional Functionality= Occasionally, in some deployments an optional functionality is required for applications, scripts, services and so on. Genesys recommends the followi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Optional Functionality

Occasionally, in some deployments an optional functionality is required for applications, scripts, services and so on. Genesys recommends the following optional functionality for a familiar deployment issue:


PGP Encryption

In a Kubernetes deployment encryption is disabled by default.

Important
PGP Encryption is not supported in a Docker Compose deployment.

Enable PGP encryption in a Kubernetes deployment

  1. Generate a pair of PGP keys to be used for encryption/decryption (private and public keys).
  2. Store each generated key in the file on the host, so that these files are accessible by the deployment script.
  3. Configure the following environment variables in the cxc.env file. 
    # CXC Contact encryption configuration.
CXC_PGP_ENABLED: false
# Host path(absolute) to the PGP Public Key
CXC_PGP_PUBLIC_KEY_PATH: ""
# Host path(absolute) to the PGP Private Key
CXC_PGP_PRIVATE_KEY_PATH: ""
# Passphrase for PGP Private Key
CXC_PGP_PASSPHRASE: ""
CXC_PGP_USER_ID: "customercare@genesys.com"
  4. Verify that the CXC_PGP_ENABLED variable is set to true.
  5. Verify that the CXC_PGP_PUBLIC_KEY_PATH variable is set to the absolute path to the file that stores the public key.
  6. Verify that the CXC_PGP_PRIVATE_KEY_PATH variable is set to the absolute path to the file that stores the private key.
  7. Verify that the CXC_PGP_PASSPHRASE variable (optional) is configured when the passphrase is present in CX Contact PGP keys.
  8. Verify that the CXC_PGP_USER_ID variable is associated with the correct Private key user ID.
  9. Save and close the file. The saved file is then used as input for the cxc-app-deploy.sh script.
Important
The host is used to create Kubernetes secret (cxc-pgp-storage). During deployment CXC_PGP_PUBLIC_KEY_PATH and CXC_PGP_PRIVATE_KEY_PATH data is stored in the Kubernetes secure storage. When the system is started CX Contact components collect key data from the Kubernetes secure storage. For more information about Kubernetes secret refer to: Kubernetes secret objects
This page was last edited on February 9, 2020, at 10:03.
Comments or questions about this documentation? Contact us for support!