Mercans Logo
SUBMIT RFP CONTACT US

    PGP Key Renewal Notice

    IMPORTANT Mercans’ Production PGP key for 2026 has been updated and MUST be replaced immediately. The old key DC1154E73B9F35E9 becomes unavailable on January 11, 2026

    Key Renewal Overview

    To ensure the highest level of security, we regularly update the PGP keys used for encrypted file transmissions. All clients must keep their systems updated with the current public key to maintain seamless and secure data exchange.

    Important Dates

    • Acceptance (Test/UAT) PGP Key Replacement Date: May 8, 2027
    • Production PGP Key Replacement Date: January 29, 2027

    Both new keys will be available for download before their effective dates. Please update your keyring  accordingly to avoid service interruption.

    IMPORTANT Effective from 2026, all newly issued PGP keys will be configured with a default expiration period of one year.

    Download Keys

    pub 3072R/394639C28ACC65AB 2025-05-08 [expires: 2027-05-08]
uid Mercans Security (Acceptance 2027) <[email protected]>

Fingerprint: 4CD4 1516 5A51 12DC D6B9 F994 3946 39C2 8ACC 65AB
Long Key ID: 394639C28ACC65AB

    pub 4096R/54E40F18BFF81B8D 2025-12-30 [expires: 2027-01-29]
uid Mercans Security (Production 2027 RSA) <[email protected]>

Fingerprint: 41BD 2A57 7C7B 15AD 0CB5 AC1B 54E4 0F18 BFF8 1B8D
Long Key ID: 54E40F18BFF81B8D

    Sample Signed File

    Steps to Renew Your PGP Key

    1. Download the New Public Key
      • Access the new PGP public key from our client resource center before the replacement date.
    2. Rename and Install
      • Rename the downloaded public key file as instructed and add it to your PGP keyring.
    3. System Configuration
      • Update your encryption and signature settings to reference the new public key.
      • Ensure your system is configured to use the new key for all encrypted transmissions and signature verifications.
    4. Testing
      • For Host-to-Host users: Use the test environment to confirm that encrypted and signed files are correctly processed with the new key before the production cutover date.

    Client Action Required

    • Replace the old public key with the new key by the dates indicated above.
    • Coordinate with your internal teams or application vendor if you require assistance updating your system settings.
    • Failure to update the key by the specified date may result in file transfer failures.

    Security Reminder

    IMPORTANT: Always verify the fingerprint of the new public key through a secure channel before installing, especially if the key was sent via email or file download. This helps prevent man-in-the middle attacks.