Acabei usando a biblioteca do Codeplex .
Configuração fácil e execução ainda mais fácil. Ótima biblioteca!
Eu usei o Kleopatra para gerar uma chave pgp.
No SQL Server estou executando um pacote do SSIS que deve descriptografar arquivos usando a chave acima. Os pacotes do SSIS são executados como ImportFiles , que possui a identidade do usuário do Windows NetworkSQLUser , porque ele precisa falar com outro servidor para obter o arquivo.
Quando executei o pacote pela primeira vez, recebi o seguinte erro:
Executed as user: VS2\NetworkSQLUser. gpg: encrypted with ELG key, ID XXXXXXXX gpg: decryption failed: No secret key Microsoft (R) SQL Server Execute Package Utility Version 11.0.2100.60 for 64-bit Copyright (C) Microsoft Corporation. All rights reserved. Started: 3:50:29 p.m. Error: 2014-01-23 15:50:29.95 Code: 0xC0029151 Source: Decrypt Transaction File Execute Process Task Description: In Executing "C:\Program Files (x86)\GNU\GnuPG\gpg2.exe" "--batch --passphrase-fd 0 --decrypt-files \vs3\FTP\Outgoing140122_001.TRN.gpg" at "", The process exit code was "2" while the expected was "0". End Error DTExec: The package execution returned DTSER_FAILURE (1). Started: 3:50:29 p.m. Finished: 3:50:29 p.m. Elapsed: 0.782 seconds. The package execution failed. The step failed.
Eu li um artigo que diz Para corrigir esse problema, faça o seguinte:
the service account that I was running the SQL Agent under did not have the certificate registered under that userid. I had only imported the certificate into Kleopatra for the development userid I logged in with and not for the service account. I simply imported the certificate to the service account profile and then everything worked.
Eu adicionei o User-ID de NetworkSQLUser à chave no Kleopatra, mas não tenho 100% de certeza que está certo!
Em seguida, executei o pacote novamente e recebi o seguinte erro:
Executed as user: VS2\NetworkSQLUser. gpg: keyring
c:/gnupg/secring.gpg' created gpg: keyringc:/gnupg/pubring.gpg' created gpg: encrypted with ELG key, ID XXXXXXXX gpg: decryption failed: No secret key Microsoft (R) SQL Server Execute Package Utility Version 11.0.2100.60 for 64-bit Copyright (C) Microsoft Corporation. All rights reserved. Started: 5:17:16 p.m. Error: 2014-01-23 17:17:17.40 Code: 0xC0029151 Source: Decrypt Transaction File Execute Process Task Description: In Executing "C:\Program Files (x86)\GNU\GnuPG\gpg2.exe" "--batch --passphrase-fd 0 --decrypt-files \vs3\FTP\Outgoing140122_001.TRN.gpg" at "", The process exit code was "2" while the expected was "0". End Error DTExec: The package execution returned DTSER_FAILURE (1). Started: 5:17:16 p.m. Finished: 5:17:17 p.m. Elapsed: 0.735 seconds. The package execution failed. The step failed.
Eu também tentei executar o pacote dtsx da pasta GnuPG.
Não sei aonde ir a partir daqui.
Se eu perdi alguma informação (minha primeira vez com SSIS, PGP e certs), então me avise.
Acabei usando a biblioteca do Codeplex .
Configuração fácil e execução ainda mais fácil. Ótima biblioteca!
Tags encryption pgp certificate ssis