Setting up File-Level Encryption for FVT/GE


Last Updated:
August 30, 2024

Latest Additions/Updates: The most recent additions and/or major changes.


File-Level Encryption (such as PGP)

The FVT/GE platform uses file-level encryption (such as PGP) to encrypt downloaded files.

To download files:

  1. You will need to generate a public/private key pair.
  2. You will need to upload the public key to the Clearinghouse through the FVT/GE platform. (Do not submit your public key via email.)

This article will guide you through how to provide the Clearinghouse with the public key.

Generating a Public/Private Key Pair

Gpg4win is an example of a tool that easily generates a public/private key pair. For a list of other recommended tools, visit https://www.openpgp.org/software/misc/.

You should engage your organizational-level information technology office for support and implementation of a file-level encryption tool. Once you select a tool, generate a public/private key pair. This is often done during the initial installation of the tool. (See “How to Create A Public/Private Key Pair” at the end of this article for step-by-step instructions on exporting a public key using Gpg4win as an example.)

Providing Your Public Key to the Clearinghouse for FVT/GE Downloads

On the FVT/GE platform, click the “Service Profile” link in the left sidebar. This link is available on any page within the FVT/GE platform.

Because your FVT/GE landing tab will be the Service Agreement Details tab, you will need to navigate to the “Report Encryption” tab.

On the “Report Encryption” tab, copy and paste your public key in the PGP Key field. Click “Submit.” Make sure you copy and paste the entire public key. The —–BEGIN PGP PUBLIC KEY BLOCK—– and —–END PGP PUBLIC KEY BLOCK—– statements are required, as well as a blank line after the —–BEGIN PGP PUBLIC KEY BLOCK—– statement.

If you enter the public key with incorrect formatting, this error message will appear.

You should try entering your key again. Remember, the —–BEGIN PGP PUBLIC KEY BLOCK—– and —–END PGP PUBLIC KEY BLOCK—– statements are required, as well as a blank line after the —–BEGIN PGP PUBLIC KEY BLOCK—– statement.

Once you successfully enter the public key, all files downloaded from the FVT/GE platform will be encrypted using it. The PGP tool you selected will decrypt the downloaded file.

How to Create A Public/Private Key Pair

Often when you download a file-level encryption tool, the public key is generated during the installation process. The images below use Gpg4win as an example.

Gpg4win can be installed at the user level without administrative rights (you should follow your institution’s policy for adding software). Creating the certificate and exporting the certificate into a public key file is straightforward.

Near the end of the installation process, a window will display indicating the certificate that was generated.

If a certificate was not generated during the installation process, then:

  1. Run Kleopatra (the certificate manager included in the Gpg4win install).


  1. Under the “File” menu, select “New OpenPGP Key Pair.”

  1. Enter the name and address of the key pair.

Once you can view the created certificate, follow these steps:

  1. Right-click the certificate in the window.
  2. Select “Export.”
  3. Save the file to a common location.
  4. Open the file with Notepad. The key block will look similar to the screenshot below.

  1. Copy and paste the entire content of the key block into the upload section.

Decrypting Your Downloads

Certain files downloaded from the FVT/GE platform are encrypted. To open these files and view their contents, you will need to decrypt them. See examples of how to decrypt using Kleopatra/Gpg4win below.

  1. Select the key you would like to use to decrypt. Click the “Decrypt/Verify” button

  1. In the file browser that is opened, select the file you want to decrypt. Click “Open.

  1. The file will be decrypted. Click the “Save All” button to save the decrypted file in the selected output folder.

  1. The decrypted file will be saved to the selected output folder. You can now open the file

Was this article helpful?

Related Articles