Recover an encrypted file or folder without your file encryption certificate
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To recover an encrypted file or folder without the file encryption certificate
Open Backup.
Use Backup to make a copy of the file in case of loss or damage.
Send the original encrypted file to the designated recovery agent.
Have the recovery agent use their recovery certificate and private key to decrypt the file.
Have the recovery agent send the decrypted file back to you, using any file transfer method that you want.
Notes
To start Backup, click Start, point to All programs, point to Accessories, point to System Tools, and then click Backup.
There is no default recovery agent on a local computer unless the computer is in an Active Directory domain environment. In an Active Directory domain environment, the administrator that initially logged on to the first domain controller is the default recovery agent.
Sending the file to the designated recovery agent can be done in a number of ways, including backing up the file to tape or floppy disk.
Files backed up using Backup or any other backup tool retain their encryption while in their backup storage location. The original files can be decrypted or modified without affecting the encrypted state of the backup copies.
You can recover an encrypted file or folder yourself if you have kept a backup copy of your file encryption certificate and private key in a .pfx file format on a floppy disk. Use the import command from Certificates in Microsoft Management Console (MMC) to import the .pfx file from the floppy disk into the Personal store.
For more information about using Certificates in MMC, see Related Topics.
Information about functional differences
- Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.