Guest S Sainsbury Posted February 15, 2008 Posted February 15, 2008 I have installed Certificate Services and set it up as the Enterprise CA on an enterpise edition 2003 server. I have configured Key Recovery Agent and setup Key Archival I have created a new User Template that is set to archive keys and is responsible for data encryption, secure email and computer authentication with automatic user enrollment. I have set the administrator account and also my own user account as being Recovery agents. I issued myself a user certificate and used EFS to encrypt a test file. On checking the CA on the root server I could find no trace of the archive key for my new user certificate. I checked the file I had just encrypted, went into the details of the certificate and it clearly showed that the administrator account had been issued a recovery key. I tried several more attempts at encrypting files but still no archive key was showing in the CA, I also used the KRT.exe utility to search for archived keys, but nothing. I checked another standalone CA just to make sure it had not been issued to the wrong CA, but nothing. I have checked the event logs but no errors showing. Can anyone advise on where im going wrong? I appreciate any help.
Recommended Posts