I doubt you're in an Active Directory at home, but for future reference,
under AD it's possilbe to assign an EFS Recovery Agent for the domain that
is authorized to access anyone's EFS files. 


Walden H Leverich III
Tech Software
(516) 627-3800 x11
(208) 692-3308 eFax

Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
-----Original Message-----
From: David Gibbs [mailto:david@xxxxxxxxxxxx] 
Sent: Friday, October 24, 2003 11:46 AM
To: pctech@xxxxxxxxxxxx
Subject: [PCTECH] I learned something about certificates and encrypting file
systems the other day ...


A few days ago I was playing around with SSL certificates on my Win2K 
system ... I wanted to create a personal certificate that I could 
authenticate against a SSL server I'm running.

Ok, so I go into Internet Explorer, find my certificate ... and delete it.

No harm, I think, if it's bad the system should just recreate one.  I 
don't use a specific certificate for anything (that I know of).

Well, the next day I try to get into Quicken ... and my quicken files 
are encrypted (did that when I took my laptop on a trip ... in case 
someone ripped it off, I didn't want them to be able to access my 
quicken data).

Quicken told me that it couldn't access the data files.

I tried to copy the quicken files and was told that access was denied 
... perhaps the file was in use.  Well, that's happened before ... so I 
ran CHKDSK /F and rebooted.

Tried to access Quicken again ... no go.

Did a bit of research on the web and found that the IE is used to manage 
the certificates used in the encrypting file system components.

Now the question is ... how the heck do I get my certificates back?  I 
didn't back them up.

Lucky for me, however, I HAD imaged my system to my wifes PC about 2 
weeks earlier.  Didn't think I could restore the certificates directly 
from the image ... but I could restore the image to another PC, backup 
the certificates to a floppy, then import them into my real system.

To make a long story short ... it worked fine.  I had to whack my 
scorched earth machine, but that's an easy re-install.

So be very careful when you start screwing around with things you don't 
understand completely. :)


This is the PC Technical Discussion for iSeries Users (PcTech) mailing list
To post a message email: PcTech@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/pctech
or email: PcTech-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/pctech.

This thread ...

Return to Archive home page | Return to MIDRANGE.COM home page