Mercans Official website logo

    PGP Key Renewal Notice

    Key Renewal Overview

    To ensure the highest level of security, we regularly update the PGP keys used for encrypted file transmissions. All clients must keep their systems updated with the current public key to maintain seamless and secure data exchange.

    Important Dates

    • Acceptance (Test/UAT) PGP Key Replacement Date: May 8, 2027
    • Production PGP Key Replacement Date: January 11, 2026

    Both new keys will be available for download before their effective dates. Please update your keyring  accordingly to avoid service interruption.

    IMPORTANT Effective from 2026, all newly issued PGP keys will be configured with a default expiration period of one year.

    Download Keys

    pub 3072R/394639C28ACC65AB 2025-05-08 [expires: 2027-05-08]
uid Mercans Security (Acceptance 2027) <[email protected]>

Fingerprint: 4CD4 1516 5A51 12DC D6B9 F994 3946 39C2 8ACC 65AB
Long Key ID: 394639C28ACC65AB

    pub 4096R/DC1154E73B9F35E9 2023-01-12 [expires: 2026-01-11]
uid Mercans Security (Production 2026) <[email protected]>

Fingerprint: 1F20 AE46 4E46 85BD 6C55 F510 DC11 54E7 3B9F 35E9
Long Key ID: DC1154E73B9F35E9

    Sample Signed File

    Steps to Renew Your PGP Key

    1. Download the New Public Key
      • Access the new PGP public key from our client resource center before the replacement date.
    2. Rename and Install
      • Rename the downloaded public key file as instructed and add it to your PGP keyring.
    3. System Configuration
      • Update your encryption and signature settings to reference the new public key.
      • Ensure your system is configured to use the new key for all encrypted transmissions and signature verifications.
    4. Testing
      • For Host-to-Host users: Use the test environment to confirm that encrypted and signed files are correctly processed with the new key before the production cutover date.

    Client Action Required

    • Replace the old public key with the new key by the dates indicated above.
    • Coordinate with your internal teams or application vendor if you require assistance updating your system settings.
    • Failure to update the key by the specified date may result in file transfer failures.

    Security Reminder

    IMPORTANT: Always verify the fingerprint of the new public key through a secure channel before installing, especially if the key was sent via email or file download. This helps prevent man-in-the middle attacks.