Dear Experts,
I am trying to create an encrypted folder on our server that will be accessible to only a few users. When I tried to encrypt it, I got the "EFS recovery policy contains invalid recovery certificate" error, so I started to follow the instructions how to export then import the EFS private certificate. Now I am getting an error that says "Windows cannot determine if this certificate has been revoked......" error. If I go ahead and install this certificate anyway, the Recovery agents gets labeled UNKNOWN_USER.
The server I am trying to install the recovery agent is not the domain controller, so I exported the EFS certificate from the domain controller, then moved it to this file server. I am not sure if this is the correct method. Also, the certificate I exported had the expiration date that is in the past, so I am very confused.
Please advise.
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.