PC Review


Reply
Thread Tools Rate Thread

encryption--I have the 'key' but can't open the 'lock'

 
 
=?Utf-8?B?c3R1bXBlZA==?=
Guest
Posts: n/a
 
      21st Nov 2005
I'm having a fight with encryption . . . I have the certificate and matching
key for the encrypted files. I select a file, right-click 'properties', click
'advanced', unselect 'encrypt', and get an "Error 5" message.

Initially I was getting a message telling me that the certificate was not in
the "Trusted Root Certification Store", so I added the requisite 'snap-in',
exported the certificate from Console Root\Certificates - Local
Computer\Trusted People\Certificates and imported it to Console
Root\Certificates - Local Computer\Trusted Root Certification
Authorities\Certificates. The red 'x' that was on the certificate (found by
double-clicking the Certificate, on the General tab) disappeared. The
certificate "is intended for the following purpose(s): allows data on disk to
be encrypted; all issuance policies."

I was elated with my progress! Until I tried to unencrypt again . . . I
right-click a file, click 'properties', click 'advanced', and click
'details', but my certificate is not listed among the "Users who can
transparently access this file"--there's only User(User@DIRECTOR). I click
"Add" and my key appears in the "select the user's certificate with whom you
want to share the access" window, I select it and click OK and it is added to
the "Users who can transparently access this file" window. I click OK and get
the EFSADU error "Error in adding new user(s). Error code 5."

Is there any way to set my key as the 'default' certificate (so that it
would show up in the "Users who can transparently access this file" list)? If
not, is there another folder in the Certificates console that my certificate
should be imported into so that it can be "added"?

Thanks for your help,

Paul

PS I've got 'ownership' rights to all the folders in question, so I don't
think that's the issue.
PPS The Administrator 'User account' name has been changed since the files
were encrypted. Would that have any affect?
 
Reply With Quote
 
 
 
 
=?Utf-8?B?UGF0IEhvZmZlciBbTVNGVF0=?=
Guest
Posts: n/a
 
      22nd Nov 2005
If you have it, import the .pfx file for "User(User@DIRECTOR)" into your
Personal certificates store and that will give you access to the file. Since
the User@DIRECTOR certificate is the only certificate listed on the file, you
must have that certificate installed in order to decrypt the file. The .pfx
file will have both the certificate and decryption key.

Thanks.
Pat
--
This posting is provided "AS IS" with no warranties, and confers no rights.


"stumped" wrote:

> I'm having a fight with encryption . . . I have the certificate and matching
> key for the encrypted files. I select a file, right-click 'properties', click
> 'advanced', unselect 'encrypt', and get an "Error 5" message.
>
> Initially I was getting a message telling me that the certificate was not in
> the "Trusted Root Certification Store", so I added the requisite 'snap-in',
> exported the certificate from Console Root\Certificates - Local
> Computer\Trusted People\Certificates and imported it to Console
> Root\Certificates - Local Computer\Trusted Root Certification
> Authorities\Certificates. The red 'x' that was on the certificate (found by
> double-clicking the Certificate, on the General tab) disappeared. The
> certificate "is intended for the following purpose(s): allows data on disk to
> be encrypted; all issuance policies."
>
> I was elated with my progress! Until I tried to unencrypt again . . . I
> right-click a file, click 'properties', click 'advanced', and click
> 'details', but my certificate is not listed among the "Users who can
> transparently access this file"--there's only User(User@DIRECTOR). I click
> "Add" and my key appears in the "select the user's certificate with whom you
> want to share the access" window, I select it and click OK and it is added to
> the "Users who can transparently access this file" window. I click OK and get
> the EFSADU error "Error in adding new user(s). Error code 5."
>
> Is there any way to set my key as the 'default' certificate (so that it
> would show up in the "Users who can transparently access this file" list)? If
> not, is there another folder in the Certificates console that my certificate
> should be imported into so that it can be "added"?
>
> Thanks for your help,
>
> Paul
>
> PS I've got 'ownership' rights to all the folders in question, so I don't
> think that's the issue.
> PPS The Administrator 'User account' name has been changed since the files
> were encrypted. Would that have any affect?

 
Reply With Quote
 
 
 
 
=?Utf-8?B?c3R1bXBlZA==?=
Guest
Posts: n/a
 
      23rd Nov 2005
Actually, it's the OTHER certificate that I want to be recognised. I don't
really care about the "User(User@DIRECTOR)" one, since the files were not
encrypted with it. They WERE encrypted with my certificate, but now I cannot
add mine to the list of 'users who can transparently access files' without
getting "Error 5" . . . Thanks for trying, though,

Paul


"Pat Hoffer [MSFT]" wrote:

> If you have it, import the .pfx file for "User(User@DIRECTOR)" into your
> Personal certificates store and that will give you access to the file. Since
> the User@DIRECTOR certificate is the only certificate listed on the file, you
> must have that certificate installed in order to decrypt the file. The .pfx
> file will have both the certificate and decryption key.
>
> Thanks.
> Pat
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> "stumped" wrote:
>
> > I'm having a fight with encryption . . . I have the certificate and matching
> > key for the encrypted files. I select a file, right-click 'properties', click
> > 'advanced', unselect 'encrypt', and get an "Error 5" message.
> >
> > Initially I was getting a message telling me that the certificate was not in
> > the "Trusted Root Certification Store", so I added the requisite 'snap-in',
> > exported the certificate from Console Root\Certificates - Local
> > Computer\Trusted People\Certificates and imported it to Console
> > Root\Certificates - Local Computer\Trusted Root Certification
> > Authorities\Certificates. The red 'x' that was on the certificate (found by
> > double-clicking the Certificate, on the General tab) disappeared. The
> > certificate "is intended for the following purpose(s): allows data on disk to
> > be encrypted; all issuance policies."
> >
> > I was elated with my progress! Until I tried to unencrypt again . . . I
> > right-click a file, click 'properties', click 'advanced', and click
> > 'details', but my certificate is not listed among the "Users who can
> > transparently access this file"--there's only User(User@DIRECTOR). I click
> > "Add" and my key appears in the "select the user's certificate with whom you
> > want to share the access" window, I select it and click OK and it is added to
> > the "Users who can transparently access this file" window. I click OK and get
> > the EFSADU error "Error in adding new user(s). Error code 5."
> >
> > Is there any way to set my key as the 'default' certificate (so that it
> > would show up in the "Users who can transparently access this file" list)? If
> > not, is there another folder in the Certificates console that my certificate
> > should be imported into so that it can be "added"?
> >
> > Thanks for your help,
> >
> > Paul
> >
> > PS I've got 'ownership' rights to all the folders in question, so I don't
> > think that's the issue.
> > PPS The Administrator 'User account' name has been changed since the files
> > were encrypted. Would that have any affect?

 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
If you have come to this website then you have made a right decesion.I have a plan for everyone to earn 300$ extra per month. Rakesh Aitla Microsoft C# .NET 0 29th Oct 2009 06:49 AM
I have UDMA5 but theoretically I can have UDMA 6 Kenny Windows XP General 3 26th Apr 2004 08:51 AM
Do have have to have Win XP or above to see video with Windows Messenger 5.0? John Jordan Windows XP Messenger 0 16th Sep 2003 03:22 PM
I have the same problem that you have. I have no clue. steve Microsoft Outlook 0 26th Aug 2003 10:14 PM
ran the fix blaster tool and said i dont have it. but i have the symptoms? Liesl Windows XP Security 0 15th Aug 2003 01:16 AM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 03:21 AM.