Cannot decrypt EFS-encrypted file even though I loaded the previously-used encryption certificate


Paul Shapiro

I have some files that were encrypted on a stand-alone computer. I have the
certificate file from the certificate used to do the encryption.

On a different computer, connected to a domain, I have copies of the
encrypted files. I loaded the encryption certificate, and the certificate
store says I have the private key. The thumbprint on the certificate matches
the encrypted file's encrypting thumbprint.

But when I try to decrypt the file I get the error "Access is denied". My
current account is the owner of the file and the owner of the containing
folder, with full access rights. I saw an MS KB article saying this can
happen if the local System account does not have full control of the System
Volume Information folder, so I checked and System does have full control.

Am I missing any steps? From all I can find, after importing the backed-up
encryption certificate I should be able to decrypt the file.

Thanks for any help,
Paul Shapiro

Paul Shapiro

I think the password is still the same. But the account I'm using to try and
decrypt the file is different. It's a domain account now. At the last
encryption, I think the account was the same username and password, but it
was a local computer account. Would that prevent the decryption, even though
I've loaded the required encryption certificate?

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question