I was able to successfully import the PFX into my personal certificates store.
This could work, thanks. I will leave the answer here for future reference. I long ago solved the problem, by bringing the old system back online from backup and exporting the cert.
It uses Microsoft Base Cryptographic Provider 1. A separate DRA is created for every recovery agent defined. Please note that on Windows XP not included in a domain, no recovery agent is defined, so this step is omitted.
Now a temporary file Efs0. The contents of the original file (plain text) are copied into the temporary file, after which the original is overwritten with encrypted data. This mechanism is separate from common security, meaning that besides the rights to access the file, the file must have its FEK encrypted with the user's public key. Only the user who can decrypt the FEK with his own private key can access the file.
If the Administrator profile or if the first domain controller is no longer available, the private key that is used to decrypt the encrypted files is lost, and files cannot be recovered through that recovery agent.
Then click Add in Windows Server or in Windows Right-click the certificate that you located in step 9, point to All Tasks, and then click Export. We strongly recommend that you click to select the Enable strong protection requires IE 5. If you click to select the Delete the private key if the export is successful check box, the private key is removed from the domain controller. As a best practice, we recommend that you use this option.
Install the recovery agent's private key only in situations when you need it to recover files. At all other times, export, and then store the recovery agent's private key offline to help maintain its security.
Important: After you export the private key to a floppy disk or other removable media, store the floppy disk or media in a secure location. Note: We strongly recommend that you also click to select the Enable strong protection requires IE 5.