Legacy: Form Encryption: SimpleSecure 3.3 set up with GPG

We used to recommend SimpleSecure but it is not maintained anymore.
As a replacement, you can use Tectite's FormMailEncoder/Decoder($) which works with their free FormMail PHP script.

The last update to Simple Secure was made in 2002 and is not maintained anymore, so these notes are here for legacy purpose.

Those are the items you need to get started. GPG is installed on our servers.
Before you start, determine which email address will be the recipient of the form.

Download PGP Desktop software for your computer OS (Windows/Macintosh) from
PGP Corporation: http://www.pgp.com/products/desktop/index.html
Cost: PGP Desktop Home 9.0 - Windows - Perpetual License $99.00 (as of Aug 2006).
Download simple secure 3.0 from VerySimple

Install PGP Desktop on your computer.
Generate a key for the email address you plan to use as recipient of your form.
Make a backup of the key on a disk for safety.
Export the (public) key to a .asc file, save it on your computer.
Download SimpleSecure 3.3 or higher from the web: http://www.verysimple.com/products.php/simplesecure.html
Follow the instructions contained in the /help/index.html file.

SimpleSecure Server Setup:
The SimpleSecure default path to Perl works on our servers.
You can use your Control Panel File Manager to change the permissions and edit the files per VerySimple instructions.

SimpleSecure Configuration:
Email Method: SMTP: localhost
Encryption Settings: GPG path: /usr/bin/gpg

SimpleSecure Test1
Proceed with the Test as recommended.
This first test will just make sure that SimpleSecure is installed properly. It will use the default Recipient, and no encryption.

Setup your own recipient

When test1 succeeded, it is time to create your own recipient.
Under the SimpleSecure Menu "Recipients", click on "Add new Recipient"

EncryptMethod: GnuPG engrypted
EncryptKey: You can use either the Name or the email address of the PGP key you generated in Step 4.
Recipients: the email address of the PGP key (must be the same one you generated the key for)
DefaultEmailFormat: TEXT
Fill-in the other parameters per your needs.
Make a note of the ID of the recipient you just created.
Copy the example form code provided by SimpleSecure for the recipient you just created.

Set up your form to use SimpleSecure:

Change your form <action> to the path to simplesecure:

form action="/cgi-bin/ssecure/ssecure.pl" method="post" 
enctype="multipart/form-data">

Add the ID of the recipient who will get the encrypted form results in a hidden field. For example, if 2 is the ID of the recipient you just created:

<input type="hidden" name="cfgId" value="2">

Test your form.
If everything is working correctly, you should see the message "Thank you. Your information has been submitted." Check your email at this time. You should receive a message from the server.

Check your Email.
To decrypt the message you will get from the server, you will use PGP Desktop and the private Key you generated.

More info is available on the SimpleSecure Installation/Usage Help.

Properties ID: 000166 Views: 5463 Updated: 12 years ago

Filed under:

Support » Web Site » Web Hosting » Web Site Security
Support » Web Site » Web Hosting » Perl Tips