Install a recovery certificate in Windows 7

Every user in Windows 7 has his/her own encrypting file system (EFS) certificate which is used to encrypt the files. A recovery certificate is a special EFS certificate you can use to recover encrypted files if your encryption key is lost or damaged. Before you can use a recovery certificate, you have to install it on your computer. Here is how :

  1. Press the key combination Windows logo key + R to open the Run dialog. In the Run dialog, type secpol.msc and press Enter to open the Local Security Policy window.

    Run dialog to start secpol.msc in Windows 7

  2. In the Local Security window, expand Public Key Policies. Then right-click on Encrypting File System and select Add Data Recovery Agent as shown.

    Local Security Policy window in Windows 7

  3. In the Add Recovery Agent wizard click Next. Then click Browse button and browse to the recovery certificate files. Select the .CER file and click Open.

    Add Data Recovery Wizard in Windows 7

  4. You will be asked if you want to install this certificate? Choose Yes to continue.

    Installing Recovery Certificate

  5. In the Add Recovery Agent wizard click Next and then click Finish to complete the wizard.

    Finishing the data recovery wizard

  6. Press the key combination Windows logo key + R to open the Run dialog. In the Run dialog, type gpupdate and press Enter to update the group policy settings.

    Updating the group policy settings in Windows 7