Ok...I tried to encrypt a file on my desktop today and got the error message "An error occurred applying attributes to file. Recovery policy configured for this system contains invalid recovery certificate." So naturally I googled it and searched the MS knowledge base and found that most likely a certificate had expired, etc, etc. So I searched thru the default domain policy and found the certificate that's being used in Windows-Security Settings-Public Keys -etc. The EFS certificate in use has certainly expired but the problem is that I can't seem to renew it. MS tells you to use the Certificate snap-in and use the default selection settings (I think it's like My User Account). I go thru all the steps but can't locate this certificate and, thus, can't renew it. Can anyone shed any light here? Thanks a bunch.