Public Keys Explained
A Public and Private key pair consists of two uniquely related cryptographic keys (basically long random numbers). The Public Key is what its name suggests: public. It is made available to everyone via a publicly accessible repository or directory. The Private Key, on the other hand, must remain confidential to its owner. Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa. With this setup, the data transferred between NetSuite and the SFTP server is encrypted during transfer so that nobody else can decrypt the information.
Generate New Public Keys
The SFTP SuiteApp comes with a key generator that automatically stores the private key in a secure way and provides the user with a public key that can be given to the SFTP host. To generate a new key pair, navigate to Setup > SFTP Connector > New SFTP Private Key. On the page that opens, enter a name for the new key pair. Make sure the name clearly identifies the connection for which the key pair is created. This makes it easier later to identify which key belongs to which connection.
Do not change the field “A SECURE RANDOM PASSWORD (DO NOT CHANGE)”. This password is randomly created to ensure the highest possible security.
After pressing the Save button you will see a basic page with all the information regarding the public key. The private key is at this point already safely stored inside NetSuite.
On this page, you will see the key in the SSH-RSA format and the standard PEM format. In most cases, the SFTP location uses the PEM format. From here you can copy the information that is highlighted in the red square, paste it into a regular text editor and save the file with the extension .pem. If your SFTP host needs the SSH-RSA format, copy that value instead.
In the last line, you will see the private key id that was generated. Note down this value to enter it in the main connection configuration. It’s always possible to retrieve this value later. You can leave this page by pressing back in the browser.
Generate a public key from an existing key
If you already have a key pair, we recommend following the steps below. This stores the private key in a secure way in NetSuite. Navigate to Setup > Company > Keys and select “Create new” on the page.
Enter a name for the key pair you create. Make sure the name clearly identifies the connection for which the key pair is created. This makes it easier later to identify which key belongs to which connection. Next, click on the Files sub-tab, select the private key from your hard drive and press Save.
The private key is now safely stored inside NetSuite and the public key can always be retrieved from NetSuite if needed. Note that manually created key pairs do not contain a description at line level.
Existing Generated Public Keys
If you would later like to see which keys exist in your NetSuite account, navigate to Setup > Company > Keys. This page shows all existing keys in your NetSuite account.
Retrieve the public key
To retrieve the public key, click on one of the existing Private Keys. This opens a popup modal that shows all the information regarding the key. From here you can copy the SSH-RSA key or PEM key and store it as a file on your computer. This option is only available when the key pair was created with the SFTP Key Generator.