Encryption Certificates The first time you encrypt a folder or file, you should back up your encryp-

tion certificate. If your certificate and key are lost or damaged and you do not have a backup, you won’t be able to use the files that you have encrypted. To back up your EFS certificate, do the following:

1. Open Certificate Manager by clicking the Start button, typing certmgr.msc into the Search box, and then pressing Enter.

2. Click the arrow next to the Personal folder to expand it.

3. Click Certificates.

4. Click the certificate that lists Encrypting File System under Intended Purposes. (You might need to scroll to the right to see this.) If there is

more than one EFS certificate, you should back up all of them.

CHAPTER 9: Managing Files and Folders

5. Click the Action menu, point to All Tasks, and then click Export.

6. In the Export Wizard, click Next, click Yes, export the private key, and then click Next.

7. Click Personal Information Exchange and then click Next.

8. Type the password you want to use, confirm it, and then click Next. The export process creates a file to store the certificate.

9. Enter a name for the file and the location (include the whole path) or click Browse and navigate to the location, and then enter the file name.

10. Click Finish.

11. Store the backup copy of your EFS certificate in a safe place. If the encrypted file needs to be shared with another user on the same comput-

er, you then need to do the following:

1. Export the EFS certificate.

2. Import the EFS certificate.

3. Add the EFS certificate to the shared file. The person with whom you want to share files needs to export her EFS certifi-

cate and give it to you by doing the following:

1. Open Certificate Manager by clicking the Start button, typing certmgr.msc into the Search box, and then pressing Enter.

2. Click the arrow next to the Personal folder to expand it and then click the EFS certificate that you want to export.

3. Click the Action menu, point to All Tasks, and then click Export.

4. In the Certificate Export Wizard, click Next.

5. Click No, do not export the private key, and then click Next.

6. On the Export File Format page, click Next to accept the default format.

7. The export process creates a file to store the certificate in. Type a name for the file and the location (include the whole path), or click Browse,

navigate to the location, and then type the file name.

8. Click Finish.

Encryption

After you get the EFS certificate from the person you want to share the file with, you need to import the certificate:

1. Open Certificate Manager by clicking the Start button, typing certmgr.msc into the Search box, and then pressing Enter.

2. Select the Personal folder.

3. Click the Action menu, point to All Tasks, and click Import.

4. In the Certificate Import Wizard, click Next.

5. Type the location of the file that contains the certificate, or click Browse, navigate to the file’s location, and then click Next.

6. Click Place all certificates in the following store, click Browse, click Trusted People, and then click Next.

7. Click Finish. To add the EFS certificate to the shared file, use the following steps:

1. Right-click the file you want to share and then click Properties.

2. Click the General tab and then click Advanced.

3. In the Advanced Attributes dialog box, click Details.

4. In the dialog box that appears, click Add.

5. In the Select User dialog box, click the certificate and then click OK.