Re: Which EFS certificate used?
- From: "Marv Sun" <marvinsun@xxxxxxxxxxx>
- Date: Sat, 26 Jan 2008 18:43:07 -0500
Thanks again, Martin!
"Martin Rublik" <martin.rublik@xxxxxxxxxx> wrote in message news:OL1UgsMXIHA.4880@xxxxxxxxxxxxxxxxxxxxxxx
The certificate for encryption is chosen (or generated) at the time the user encrypts data for the first time.
Afterwards (if it is time valid) you can change it only by modifying the registry. If you want to change the certificate, just set the hash in the registry to the desired one (from your certificate store).
More info on the format of the hash and the key can be found in this discussion http://tinyurl.com/2u8au3
As for the choice of the user, there is only the registry editor or EFS Certificate Configuration Updater http://www.codeplex.com/EFSCertUpdater (I have never tried it myself). I hope this helps. Feel free to ask if you have more questions, and feel free to correct any of my statements if they're wrong :).
Marv Sun wrote:
Thanks Martin.
In the registry HKCU\....\EFS\Currentkeys, it did show the Certificate's thumbprint that EFS used to encrypt my files. The thumbprint in this case is my "Administrator" certificate that has multiple EKUs, including EFS, SMIME etc.
But my question is why this particular certificate is selected by the OS to do EFS. In my user certificate store, I have two more certificates that both contain the EKU for EFS; why are they not used? Does the user have a choice to select which certificate to do EFS?
Thanks again for sharing.
"Martin Rublik" <martin.rublik@xxxxxxxxxx> wrote in message news:OclL7AAXIHA.5980@xxxxxxxxxxxxxxxxxxxxxxx
Take a look at this article: http://technet2.microsoft.com/windowsserver/en/library/04122595-5d30-4b19-945a-b6e4bb33bd6f1033.mspx?mfr=true
You are looking for registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys that contains certificate hash that is used for encryption.
Hope this helps
Marv Sun wrote:
Folks,
If my workstation (running XP) has multiple certificates that are qualified for EFS encryption, which one will be selected when a file is enabled for EFS? It seems there are no choices for user to select manually.
Thanks in advance for your kind feedback.
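
The check discussed in this thread, as an added read-only example that is not part of the original posts: it reads the hash under the CurrentKeys key named above and marks which certificate in the user's store it matches. The value name `CertificateHash` and the EFS EKU OID `1.3.6.1.4.1.311.10.3.4` are assumptions not stated in the thread.

```powershell
# Added example (not from the thread). Read-only: nothing is written to the registry.
# Assumptions: the hash is stored in a REG_BINARY value named CertificateHash,
# and the EFS enhanced key usage OID is 1.3.6.1.4.1.311.10.3.4.
$keyPath = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys'
$efsOid  = '1.3.6.1.4.1.311.10.3.4'
$ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]

# Convert the binary hash to the uppercase hex form used by the Thumbprint property.
$current = $null
$props = Get-ItemProperty -Path $keyPath -ErrorAction SilentlyContinue
if ($props -and $props.CertificateHash) {
    $current = -join ($props.CertificateHash | ForEach-Object { $_.ToString('X2') })
}

if (-not $current) {
    Write-Output 'No CertificateHash value found: this user has not encrypted a file with EFS yet.'
} else {
    Write-Output "EFS current key thumbprint: $current"
}

# List every certificate in the personal store that carries the EFS EKU,
# plus the one EFS currently points at, even if its EKU list differs.
$candidates = Get-ChildItem Cert:\CurrentUser\My | ForEach-Object {
    $cert = $_
    $ekus = @($cert.Extensions |
        Where-Object { $_ -is $ekuType } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value })
    $cert | Select-Object Thumbprint, Subject, NotAfter, HasPrivateKey,
        @{ Name = 'HasEfsEku'; Expression = { $ekus -contains $efsOid } },
        @{ Name = 'UsedByEfs'; Expression = { $cert.Thumbprint -eq $current } }
} | Where-Object { $_.HasEfsEku -or $_.UsedByEfs }

$candidates | Sort-Object UsedByEfs -Descending | Format-List

# A hash with no matching certificate means encryption of new files will
# fail or trigger selection of another certificate; flag it for follow-up.
if ($current -and -not ($candidates | Where-Object { $_.UsedByEfs })) {
    Write-Warning "Registry hash $current does not match any certificate in Cert:\CurrentUser\My."
}
```

Run it as the user whose EFS configuration is being checked, since both the registry key and the certificate store are per-user.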