exporting certificate/ key for encrypted folder

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi

I have created a backup of my hard drive using XP backup onto an
external hard drive in a folder that has encryption enabled.

I couldn't follow the info in windows help or on MS website about how
to create a recovery agent - it said "be prepared to supply a user
with a certificate" but gave no information on how to create such a
thing.

From reading past messages on this newsgroup it seems that all you
need to do is use Internet explorer / internet options/ content/
certificates/ personal -> export personal certificate and include the
private key in the .pfx file. Then copy the pfx file to CDROM or
floppy disk.

Is this the correct thing to do?

Can I import this pfx file onto another XP machine without destroying
the existing "personal EFS certificate/key" on that machine?

Thanks for any help.

Graeme
5 answers Last reply
More about exporting certificate encrypted folder
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "akiwi" <invalid@notHere.com> wrote in message
    news:c9tf41t15kij92avb7beebkbgtb133svl1@4ax.com...
    >
    > Hi
    >
    > I have created a backup of my hard drive using XP backup onto an
    > external hard drive in a folder that has encryption enabled.
    >
    > I couldn't follow the info in windows help or on MS website about how
    > to create a recovery agent - it said "be prepared to supply a user
    > with a certificate" but gave no information on how to create such a
    > thing.
    >
    > From reading past messages on this newsgroup it seems that all you
    > need to do is use Internet explorer / internet options/ content/
    > certificates/ personal -> export personal certificate and include the
    > private key in the .pfx file. Then copy the pfx file to CDROM or
    > floppy disk.
    >
    > Is this the correct thing to do?
    >
    > Can I import this pfx file onto another XP machine without destroying
    > the existing "personal EFS certificate/key" on that machine?
    >
    > Thanks for any help.
    >

    Search help and support for the cipher command. Cipher /x will export the
    certificate. Make sure you test restoring your files before you need to
    actually do it. EFS is a major cause of lost data if things are not done
    exactly right. Test restoring and reading your files on an another computer.
    Make sure both computers are not in the same domain if you are networked. If
    you can do this then your data should be safe.

    Kerry
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    On Mon, 28 Mar 2005 07:03:26 -0800, "Kerry Brown"
    <kerry@kdbNOSPAMsystems.c*o*m> wrote:

    >>
    >> From reading past messages on this newsgroup it seems that all you
    >> need to do is use Internet explorer / internet options/ content/
    >> certificates/ personal -> export personal certificate and include the
    >> private key in the .pfx file. Then copy the pfx file to CDROM or
    >> floppy disk.
    >>
    >> Is this the correct thing to do?
    >>
    >> Can I import this pfx file onto another XP machine without destroying
    >> the existing "personal EFS certificate/key" on that machine?
    >>
    >> Thanks for any help.
    >>
    >
    >Search help and support for the cipher command. Cipher /x will export the
    >certificate. Make sure you test restoring your files before you need to
    >actually do it. EFS is a major cause of lost data if things are not done
    >exactly right. Test restoring and reading your files on an another computer.
    >Make sure both computers are not in the same domain if you are networked. If
    >you can do this then your data should be safe.


    Help and support makes no mention of a /x switch for the cipher
    command. Does the method I posted work?

    Graeme
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "akiwi" <invalid@notHere.com> wrote in message
    news:7apg41p9kr0jqj8ldtskvchj0jasil7ibf@4ax.com...
    > On Mon, 28 Mar 2005 07:03:26 -0800, "Kerry Brown"
    > <kerry@kdbNOSPAMsystems.c*o*m> wrote:
    >
    >>>
    >>> From reading past messages on this newsgroup it seems that all you
    >>> need to do is use Internet explorer / internet options/ content/
    >>> certificates/ personal -> export personal certificate and include the
    >>> private key in the .pfx file. Then copy the pfx file to CDROM or
    >>> floppy disk.
    >>>
    >>> Is this the correct thing to do?
    >>>
    >>> Can I import this pfx file onto another XP machine without destroying
    >>> the existing "personal EFS certificate/key" on that machine?
    >>>
    >>> Thanks for any help.
    >>>
    >>
    >>Search help and support for the cipher command. Cipher /x will export the
    >>certificate. Make sure you test restoring your files before you need to
    >>actually do it. EFS is a major cause of lost data if things are not done
    >>exactly right. Test restoring and reading your files on an another
    >>computer.
    >>Make sure both computers are not in the same domain if you are networked.
    >>If
    >>you can do this then your data should be safe.
    >
    >
    > Help and support makes no mention of a /x switch for the cipher
    > command. Does the method I posted work?
    >
    > Graeme

    The method you posted should work as well. I used to use that until I found
    the cipher command. What version of XP and what service pack level are you
    at? Did you try cipher /? at a cmd prompt?

    Kerry
  4. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    On Mon, 28 Mar 2005 14:09:51 -0800, "Kerry Brown"
    <kerry@kdbNOSPAMsystems.c*o*m> wrote:

    [snip]
    >>
    >> Help and support makes no mention of a /x switch for the cipher
    >> command. Does the method I posted work?
    >>
    >> Graeme
    >
    >The method you posted should work as well. I used to use that until I found
    >the cipher command. What version of XP and what service pack level are you
    >at? Did you try cipher /? at a cmd prompt?
    >


    I've found that XP SP1 doesn't list the /x switch for cipher /? but
    SP2 does list it. I'll use both for now until I get a chance to check
    that they work. Thanks.

    Graeme
  5. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "akiwi" <invalid@notHere.com> wrote in message
    news:j32i41576ri96cgc96bfpku5iuh4209dv3@4ax.com...

    <snip>

    >
    > I've found that XP SP1 doesn't list the /x switch for cipher /? but
    > SP2 does list it. I'll use both for now until I get a chance to check
    > that they work. Thanks.
    >
    > Graeme

    Your welcome. Make sure you test recovering encrypted files thoroughly. EFS
    is very tricky and a major cause of data loss. Simple things like changing a
    password can break it.

    Kerry
Ask a new question

Read More

Certificate External Hard Drive Windows XP