MIDRANGE dot COM Mailing List Archive



Home » PCTECH » October 2003

RE: I learned something about certificates and encryptin g file systems the other day ...



fixed

David,

I doubt you're in an Active Directory at home, but for future reference,
under AD it's possilbe to assign an EFS Recovery Agent for the domain that
is authorized to access anyone's EFS files. 

-Walden


------------
Walden H Leverich III
President
Tech Software
(516) 627-3800 x11
(208) 692-3308 eFax
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com 

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
 
-----Original Message-----
From: David Gibbs [mailto:david@xxxxxxxxxxxx] 
Sent: Friday, October 24, 2003 11:46 AM
To: pctech@xxxxxxxxxxxx
Subject: [PCTECH] I learned something about certificates and encrypting file
systems the other day ...

... DON'T DELETE A CERTIFICATE FROM INTERNET EXPLORER UNLESS YOU REALLY 
KNOW WHAT YOU ARE DOING.

A few days ago I was playing around with SSL certificates on my Win2K 
system ... I wanted to create a personal certificate that I could 
authenticate against a SSL server I'm running.

Ok, so I go into Internet Explorer, find my certificate ... and delete it.

No harm, I think, if it's bad the system should just recreate one.  I 
don't use a specific certificate for anything (that I know of).

Well, the next day I try to get into Quicken ... and my quicken files 
are encrypted (did that when I took my laptop on a trip ... in case 
someone ripped it off, I didn't want them to be able to access my 
quicken data).

Quicken told me that it couldn't access the data files.

I tried to copy the quicken files and was told that access was denied 
... perhaps the file was in use.  Well, that's happened before ... so I 
ran CHKDSK /F and rebooted.

Tried to access Quicken again ... no go.

Did a bit of research on the web and found that the IE is used to manage 
the certificates used in the encrypting file system components.

Now the question is ... how the heck do I get my certificates back?  I 
didn't back them up.

Lucky for me, however, I HAD imaged my system to my wifes PC about 2 
weeks earlier.  Didn't think I could restore the certificates directly 
from the image ... but I could restore the image to another PC, backup 
the certificates to a floppy, then import them into my real system.

To make a long story short ... it worked fine.  I had to whack my 
scorched earth machine, but that's an easy re-install.

So be very careful when you start screwing around with things you don't 
understand completely. :)

david


_______________________________________________
This is the PC Technical Discussion for iSeries Users (PcTech) mailing list
To post a message email: PcTech@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/pctech.





Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact