Question about failed root CA and EFS

Graham

Enterprise Root CA on Windows Server 2003 Std - hard drive was removed from
the server and stored in a locked cabinet.

Just over two years ago, a certificate was created, which apparently allowed
EFS in our domain. Last week, the certificate expired, and we stopped being
able to set the encrypted flag on folders. We now see the message, "Recovery
policy configured for this system contains invalid recovery certificate." All
the KB docs say to renew the certificate, or issue a new one.

We plugged in the hard drive from above, only to discover that it has
failed, so we cannot renew this particular cert or revive the Root CA. I
suppose we could create a new Root CA and issue a new one. The admin who
originally set up the Root CA is no longer here, and we have no documentation
about the certificates that it issued and what they were supposed to do. We
have no other CAs. Being able to recover previously encrypted documents is
not an issue.

My question is, can we just delete the cert from the domain and revert to
the default settings of no cert for EFS?

Thanks,
 