Browse by Topic: PGP Encryption
PGP Key Expiry and Renewal Instructions
Last modified on 09 August 2018 02:08 PM

To ensure the PGP keys we generate adhere to the best and latest security standards, our PGP keys have a validity duration of five years. This means that every five years, you need to renew this key. This article provides instructions based on two scenarios; (1) How to renew your key before it expires and (2) How to renew your key once it has expired.

1. How to renew your key before it expires.

1. Login to your account at Startmail.com
2. In the top menu, go to Settings
3. In the left menu, go to Mail encryption
4. At the bottom of the page, there's an option to click on Generate new key.


5. Click first on the button to Disable key, this will disable your current key. You'll need to enter your password to confirm this action.



6. After that is done, you'll be redirected to the page where you can generate a new key. Enter your current or a new PGP password and click on Generate public key.



7. You're done!


Your old key will be disabled, however you can still decrypt existing and older messages with the previous key. If any of your recipients use external email clients and have manually imported your key it's good practice to send your new public key to them. This can be done in two ways:

1. Attach your key to an outoing email message.

2. Exchange public keys through a public key repository.

Further instructions can be found in the following Support Center article;

https://support.startmail.com/index.php?/Knowledgebase/Article/View/61/0/export-my-public-key

 

2. How to renew your key once it has expired.

1. Login to your Account at StartMail.com

2. In the top menu, go to Settings.

3. In the left menu, go to Mail encryption.

4. At the top of the page, there's an option to click on Renew your PGP key.

 

 

5. Click on the button, after which you will be redirected to another page.

6. Follow the on-screen instructions in order to renew your PGP key.

 

Please note:

*If your PGP-key has expired and you have created a new key pair - your public key must be changed in your email client.

If you solely use StartMail webmail then you do not need to change anything. The public-key is automatically changed in the StartMail keyring server.

 

For other contacts or StartMail contacts using their own email client, it is important to distribute your new public key to those contacts. This can be done in two ways;

 

1. Attach your key to an outgoing email message.

2. Exchange public keys through a public key repository.

 

Instructions can be found in the following Support Center article;

https://support.startmail.com/index.php?/Knowledgebase/Article/View/61/0/export-my-public-key

 


If you have any questions about this process please reach out to support at support@startmail.com or fill out the support form.

(1 vote(s))
This article was helpful
This article was not helpful

Still haven't found the answer to your question? Click here to contact support.