Encrypted File System (EFS) Certificate Backup

How to Backup Encrypted File System (EFS) Certificate in Vista, Windows 7, and Windows 8

information   Information
If you encrypt data (files and folders) on your computer, then you need a way to recover that data in case something happens to the encryption key. If your encryption key is lost or damaged and you don't have a way to recover your data, the data is lost. To make sure you can always access your encrypted data, you should back up your encryption certificate and key.

The Encrypt feature is only available in the Vista Business, Ultimate, Enterprise, Windows 7 Professional, Ultimate, Enterprise, and Windows 8 Pro and Enterprise editions.
warning   Warning
Be sure to store the backup (Exported) copy of your EFS certificate in a safe place. You will need it if you have to restore the EFS cetificate to be able to decrypt your encrypted files.
Tip   Tip
If you lost the EFS certificate backup, or did not create one, then you can use the 30 day free trial program Advanced EFS Data Recovery to decrypt the files.





Here's How:
1. Press the Windows + R keys to open the Run dialog, type certmgr.msc,and press Enter.​
2. In the left pane, double click/tap on the Personal folder to expand it, and click/tap on Certificates. (See screenshot below step 4)​
3. In the right pane, right click the certificate that lists Encrypting File System under Intended Purposes.​
NOTE: If there is more than one EFS certificate, you should back up all of them.​
4. Click/tap on All Tasks and Export.​
certmgr.jpg

5. Click/tap on Next in the Export Wizard Welcome. (See screenshot below)​
Wizard_Welcome.jpg

6. Select (dot) Yes, export the private key, and click/tap Next. (See screenshot below)​
Export_Private_Key.jpg

7. Select (dot) Personal Information Exchange, and click/tap Next. (See screeshot below)​
Export_File_Format.jpg

8. Type a password you want to use, confirm it, and click/tap on Next. (See screenshot below)​
NOTE: Be sure to store this password in a safe location. You will not be able to import the EFS Certificate back to Vista without it.
Password.jpg

9. Enter a name for the file and the location (include the whole path) or click/tap Browse and navigate to the location, then enter the file name. (See screenshots below)​
10. Click/tap on Next.​
NOTE: If you clicked Browse instead, then click Save and then Next.
File_To_Export.jpg
Save_As.jpg

11. Click/tap on Finish. (See screenshot below)​
Finish.jpg

12. Click/tap OK. (See screenshot below)​
Successful.jpg

That's it,
Shawn



Related Tutorials

 

Attachments

  • EFS_certificate.png
    EFS_certificate.png
    24.5 KB · Views: 439
Last edited:
Click to expand...
The
Code: 
Yes, export the private key?
option is dimmed out on my Vista Ultimate x64 system! What can I do to export my private key? :cry:
 

My Computer

System One

Hi na5M,

Welcome to the forum.:party:

It means that the EFS private key part of the certificate cannot be found, and usually will only have the Certificate itself that can be exported. This usually happens when the file this EFS private key was created for is no longer encrypted with it. You can delete this Certificate listing if you are sure that nothing is encrypted by it.

Do you have any other EFS Certificates listed? If you do, then that will be the one probably being used be a encrypted file.

If you get locked out of your encrypted file, then add the encrypted file to a compressed (zipped) folder. The file will be unencrypted (decrypted) when extracted.

Hope this helps,
Shawn
 

My Computers

System One System Two

  • Operating System
    Windows 10 Pro 64-bit
    Manufacturer/Model
    Custom
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G7 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2, 4TB Samsung 990 PRO PRO M.2, 8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Mouse
    Logitech MX Master 3
    Keyboard
    Logitech wireless K800
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Other Info
    Logitech Z625 speaker system, Logitech BRIO 4K Pro webcam, HP Color LaserJet Pro MFP M477fdn, APC SMART-UPS RT 1000 XL - SURT1000XLI, Galaxy S23 Plus phone
  • Operating System
    Windows 10 Pro
    Manufacturer/Model
    HP Envy Y0F94AV
    CPU
    i7-7500U @ 2.70 GHz
    Memory
    16 GB DDR4-2133
    Sound Card
    Conexant ISST Audio
    Monitor(s) Displays
    17.3" UHD IPS touch
    Screen Resolution
    3480 x 2160
    Hard Drives
    512 GB M.2 SSD
Thanks for the quick reply! I'm not sure what I did to wind up with a dimmed out option, but it isn't really a big deal (and your answer is probably right). I was just experimenting with creating/deleting encrypted folders & certs. Ultimately, I just deleted all of my encrypted folders and all EFS certs/keys to restart with a blank slate. Then I created a folder that I wanted to keep permanently as an encrypted folder, encypted it, and voila... when I went to export the cert, the Export Private Key option was now available to me (ps- I store the pfx file on gmail for safe keeping).

It is taking a little while for me to fully warm up to this 64 bit version of Vista, but I am slowly getting to know it better. Actually, I was surprised to find that Windows Media Player is delivered with DVD decoding for free! No need to buy WinDVD or VideoLAN :)

The next thing I'm going to try to do is get an SSH client working for my x64 Vista. I hope I find success!

Thanks again, brink
 

My Computer

System One

Your welcome na5M,

I hope you have success with your Secure Shell client to.

Shawn
 

My Computers

System One System Two

  • Operating System
    Windows 10 Pro 64-bit
    Manufacturer/Model
    Custom
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G7 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2, 4TB Samsung 990 PRO PRO M.2, 8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Mouse
    Logitech MX Master 3
    Keyboard
    Logitech wireless K800
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Other Info
    Logitech Z625 speaker system, Logitech BRIO 4K Pro webcam, HP Color LaserJet Pro MFP M477fdn, APC SMART-UPS RT 1000 XL - SURT1000XLI, Galaxy S23 Plus phone
  • Operating System
    Windows 10 Pro
    Manufacturer/Model
    HP Envy Y0F94AV
    CPU
    i7-7500U @ 2.70 GHz
    Memory
    16 GB DDR4-2133
    Sound Card
    Conexant ISST Audio
    Monitor(s) Displays
    17.3" UHD IPS touch
    Screen Resolution
    3480 x 2160
    Hard Drives
    512 GB M.2 SSD
na5m,

Thank you for the feedback on it Cygwin working for you on Vista x64.

Shawn
 

My Computers

System One System Two

  • Operating System
    Windows 10 Pro 64-bit
    Manufacturer/Model
    Custom
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G7 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2, 4TB Samsung 990 PRO PRO M.2, 8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Mouse
    Logitech MX Master 3
    Keyboard
    Logitech wireless K800
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Other Info
    Logitech Z625 speaker system, Logitech BRIO 4K Pro webcam, HP Color LaserJet Pro MFP M477fdn, APC SMART-UPS RT 1000 XL - SURT1000XLI, Galaxy S23 Plus phone
  • Operating System
    Windows 10 Pro
    Manufacturer/Model
    HP Envy Y0F94AV
    CPU
    i7-7500U @ 2.70 GHz
    Memory
    16 GB DDR4-2133
    Sound Card
    Conexant ISST Audio
    Monitor(s) Displays
    17.3" UHD IPS touch
    Screen Resolution
    3480 x 2160
    Hard Drives
    512 GB M.2 SSD
You must log in or register to reply here.
Back
Top