The ServisBOT platform provides customers with the ability to encrypt customer messages as they enter the ServisBOT system. This guide assumes that you are familiar with basic encryption techniques, and you have the ability to generate your own encryption keys.
Message encryption is a feature that requires some initial configuration by ServisBOT. If you would like access to this feature, please contact ServisBOT first.
ServisBOT will provide you the following:
SBPublicKey.pem example:
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAvWZZSSrDKJ2wqT4kt/jhqwjAvMaMMQAAfnzEKDIVOc6gEWQPVnjE
4CXBEuzunz+vJ/hXjutdkO34ZyI0In5mp6SNdZRefNcE0N8r8h+7HuLWuX3SA7Qo
kH+GmnoDpWYgM5fDohalc3lHtWkWDxYJEFXmVFp5snX5fJY6vGQchBeScTM625js
...
-----END RSA PUBLIC KEY-----
Once you have received the ServisBOT public key, the encryption and upload tool, and the AWS credentials, you can securely upload your private key to the ServisBOT platform.
Generate your own public/private key-pair. Keys myst be a 4096 bit asymmetrical key-pair that uses pkcs1_oaep for its encryption scheme.
openssl genrsa -out CMKPrivateKey.pem 4096
openssl rsa -in CMKPrivateKey.pem -outform PEM -pubout -out CMKPublicKey.pem
* Download putty from https://www.putty.org/
* Open PuttyGen
* Type of Key to Generate: RSA
* Number of bits in a generated key: 4096
* Click Generate
* Save Public Key as CMKPublicKey
* Save Private Key
* Conversions > Export OpenSSH Key
* This is required to export the key in PEM format
Configure the environment variables provided to you by ServisBOT
export AWS_REGION=<provided-by-servisbot>
export AWS_ACCESS_KEY_ID=<provided-by-servisbot>
export AWS_SECRET_ACCESS_KEY=<provided-by-servisbot>
export AWS_SESSION_TOKEN=<provided-by-servisbot>
Use the tooling provided by ServisBOT to encrypt your private key
data
folder./data/CMKPrivateKey.pem
./data/SBPublicKey.pem
./bin/servisbotcmk --action encrypt
This creates a file named EncryptedCMK.b64
in the output directory. This file contained your encrypted and encoded private key.
Use the tooling provided by ServisBOT to upload your encrypted private key
At this stage. ServisBOT will provide you with a job id to complete the upload.
./bin/servisbotcmk --action upload --jobid <job-id-provided-by-sb>
You will need to supply ServisBOT with your public key so that the platform can encrypt conversational messages. The public key (in pem format) should be sent to key_management@servisbot.com