Go to section …

Enterprise Export

For enterprise export, you will first need to open up a command line window, such as Terminal or iTerm. Then, follow the steps below to create a public/private key and decrypt the .iv, .key and .zip files.

Create a public/private key

Keys must be created using either the PEM or DER format. Follow these steps to create a public/private key pair with the PEM format (note that all commands are run on the command line):

  1. openssl genrsa -aes256 -out private.pem 4096
    • Enter a pass phrase when prompted.
    • This will create a file called private.pem that contains the private key.
  2. openssl rsa -aes256 -inform PEM -outform PEM -pubout -in private.pem -out public.pem
    • Enter the pass phrase used in step 1.
    • This will create a file called public.pem that contains the public key.
  3. Contact Flowdock support. The entire contents of the public.pem file, including the BEGIN and END lines, will be entered by Flowdock support into the Organization’s enterprise export configuration.

Decrypt the .iv, .key, and .zip files

Once the .iv, .key, and .zip files are downloaded (via links in an email sent to you called “Flowdock: Enterprise export finished”), follow these steps to generate an unencrypted zip file:

  1. openssl rsautl -decrypt -in <input file name>.iv -out <output file name>.iv -inkey private.pem -keyform PEM
    • In this case, private.pem contains the previously generated private key.
    • <input file name>.iv is the downloaded .iv file.
    • Enter the pass phrase.
    • The decrypted initialization vector will then be stored in <output file name>.iv.
  2. openssl rsautl -decrypt -in <input file name>.key -out <output file name>.key -inkey private.pem -keyform PEM
    • In this case, private.pem contains the previously generated private key.
    • <input file name>.key is the downloaded .key file.
    • Enter the pass phrase.
    • The decrypted key will then be stored in <output file name>.key.
  3. openssl aes-256-cbc -d -iv `xxd -c256 -p <output file name>.iv` -K `xxd -c 256 -p <output file name>.key` -in <input file name>.zip -out <output file name>.zip
    • This will make use of the previously decrypted <output file name>.iv and <output file name>.key files
    • <input file name>.zip is the downloaded .zip file.
    • The output will be placed into <output file name>.zip which can then be unzipped using normal methods. Example: unzip <output file name>.zip