New
#1
Win 7 EFS. An encrypted file can not be opened after importing prv key
My first post in SevenForums. Any guidance on where to post things, etc. appreciated! I did look for a forum on file system issues, then looked over all forums, then decided to post here.
I have a file containing sensitive info that I use daily. It's encrypted with Windows EFS, showing as green in Explorer.
My objective is to be able to use this file from multiple logins on the same computer.
The file was not stored on the system drive in a Users subfolder, but on a separate logical drive (same physical drive), under a folder named "xxx" that I use, for many purposes, as a substitute for the corresponding Users subfolder on the system drive (since it's basically user data rather than system or application data). Usage of this encrypted file has been trouble-free until today.
I've been using an elevated privilege login "xxx" for all my computing work. I recently decided to create a second login "yyy" for use in daily work. I intend to use the new "yyy" login with restricted privileges, but for now both logins are admins until I get comfortable using the new login.
After creating "yyy" while logged in as "xxx", I copied most of the contents of the "xxx" profile to the new user's profile directory. (As I'm typing this, Radar is suggesting my problem might be here - a brute-force workaround for the eternally-greyed-out "Copy to" feature in Windows 7 profile manager.)
While logged in as "xxx" I exported my certificate or private key (not really clear to me from the process) to a .pfx file. (I did opt to include other certificates.) I then switched login to "yyy" and navigated to the target file's folder. Noticing that the file was in my separate "xxx" data folder, and knowing that I now want to use the same file from either of my logins, I moved the encrypted file to a third subfolder on my data drive, whose parent I call "System" to remind me that its files should be login-neutral. (Moving the file from the new login before I tried to open it - Radar up?)
While logged in as "yyy" I imported the saved private key/certificate file into the same directory as the target file. When I tried opening the target file, I got a Windows dialog in the nature of "Excel cannot open the file because the file format or file extension not valid".
I switched login back to "xxx" and opened the file without incident. Restarted, logged in as "yyy" - same result "Excel cannot open the file because the file format or file extension not valid".
Searching yielded little other than a 2011 TechNet article stating that the problem was malware: http://*******/1wAmhE5 .. I downloaded and ran a Quick Scan with the linked utility - no infection found. (Yesterday I ran a full scan with current MSRT whose UI appears identical with this one's.)
I also tried searching for "how does an idiot like me APPLY an imported certificate or private key to a specific file"; evidently it doesn't work that way. I also found a lengthy, aging TechNet tutorial on everything I never want to know about EFS: http://*******/1wAnqf5
Why would this be difficult? Thanks for any ideas!
Edit: Thank you for letting me know not to try posting URL-shortened links. Will read up before posting again.
Last edited by dovob; 28 Oct 2014 at 18:09. Reason: My links defeated.