Hi,
I currently have a 2008 AD CS setup with an offline root and an entrprise subordinate CA. I am testing out key recovery on the EntCA. I found a article Certificate Services example implementation: Key archival and recovery http://technet.microsoft.com/en-us/library/cc781351.aspx on how to do this. I was following the process and everything works until Task 6, step 3.b. When running certutil -user -recoverkey outputblob keytest.pfx it fails with the following error:
CertUtil: -RecoverKey command FAILED: 0x8009200c (-2146885620)
CertUtil: Cannot find the certificate and private key to use for decryption.
While searching the internet for an answer I saw someone who had the exact same problem however no answer was provided.
Does anyone have any ideas how to resolve this? or a checklist or process that works?
Thanks,
Craig
I currently have a 2008 AD CS setup with an offline root and an entrprise subordinate CA. I am testing out key recovery on the EntCA. I found a article Certificate Services example implementation: Key archival and recovery http://technet.microsoft.com/en-us/library/cc781351.aspx on how to do this. I was following the process and everything works until Task 6, step 3.b. When running certutil -user -recoverkey outputblob keytest.pfx it fails with the following error:
CertUtil: -RecoverKey command FAILED: 0x8009200c (-2146885620)
CertUtil: Cannot find the certificate and private key to use for decryption.
While searching the internet for an answer I saw someone who had the exact same problem however no answer was provided.
Does anyone have any ideas how to resolve this? or a checklist or process that works?
Thanks,
Craig