Re: EFS Decryption - Lost Certificate
- From: amitava.bhattacharyya@xxxxxxxxx
- Date: Mon, 31 Dec 2007 17:19:05 -0800 (PST)
Sorry for the late reply (year end celebrations :))!
Yes, the older certificate's thumbprint matches the thumbprint in the
encrypted files. When I double click on that certificate, in the
General Tab it says "You have a private key that corresponds to this
certificate." However, if I try to export it, I get the warning that
only the certificate can be exported, since the associated private key
can't be found.
Guess I am screwed :)
On Dec 29 2007, 10:37 pm, "Brian Komar"
<brian.ko...@xxxxxxxxxxxxxxxxx> wrote:
Did any of the certificates in the certificate manager have a thumbprint
that matches the thumbprint reported by EFSINFO?
Brian
<amitava.bhattachar...@xxxxxxxxx> wrote in message
news:e7837c40-2e4c-4daa-97fb-113c23f3f9d3@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The Personal Certificate Manager shows two certificates. efsinfo also
verifies that the currently installed key fingerprint is different
from the key fingerprint in the encrypted files. Since I hadn't
encrypted anything since that unfortunate episode, I exported the
newer certificate and deleted it. Then to be doubly sure, I went to
User Options (as far as I remember, I used the User Options last time
too) and changed my password (to what it already is), logged off, and
logged in. Still no success :(
Windows complains that the private key associated with the older
certificate can't be found. I guess that is the reason why I'm having
no success, although why this should be so is beyond me.
Thanks for the help!
On Dec 28, 8:42 pm, "Roger Abell [MVP]" <mvpNoS...@xxxxxxx> wrote:
If you really have changed the password back to what it was,
in the same way (reset rather than change with providing of
the old and the new), then perhaps you just have an extra EFS
certificate that is now in the way.
If you start / run certmgr.msc and look in the Personal cert
store how many EFS certificates do you see?
If more than one then you need to get the newer one out of the way.
However, having a newer one means that you probably encrypted
something after you had changed the password (and that would now
be inaccessible due to the changed password). So, first you need
to figure what the newer cert controls access to and get that in the
clear unencrypted (change password back and then decrypt).
Then for safety export the newer certificate. After that, delete the
newer and change your password back to what was correct for
the older certificate.
In the future, change (not reset) your password so that this does
not happen.
Roger
<amitava.bhattachar...@xxxxxxxxx> wrote in message
news:566b4e3c-aa00-4209-9b28-3dd93588fa85@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
Sometime back, I had encrypted a folder on my hard drive. In between,
I changed my password. Obviously, I was denied access to those files
thereafter. So I went back and restored my previous password. Still, I
can't access the files. However, when I check Advanced Properties >
Encryption Attribute Details, my username is shown in the list of
users who have transparent access to the file(s). To add to my woes, I
didn't make a backup of the encryption certificate, and XP has no
default recovery agent, as I learned later.
Is there any way to recover these files? Or are they gone for good?
TIA!
.
- Follow-Ups:
- Re: EFS Decryption - Lost Certificate
- From: amitava . bhattacharyya
- Re: EFS Decryption - Lost Certificate
- Next by Date: Re: EFS Decryption - Lost Certificate
- Next by thread: Re: EFS Decryption - Lost Certificate
- Index(es):
Relevant Pages
|
