Trying to clean up a 2003 server before migrating. Need to encrypt some files in the meantime but apparently certificate is expired. Can't export the private key, but there are no encrypted files on it now, so is it safe to del the old cert? Details:
I'm following the steps in kb/937536 because the system complains the recovery policy cert is invalid, apparently expired. The KB instructions say make a new cert with cipher.exe. Then export the existing cert I guess for safety. Then delete the old cert and add the new one. But at the step of exporting the old cert it's supposed to let me export the key too but won't. Another KB kb/259732 says this happens if the Administrator account was overwritten and to be sure to decrypt and re-encrypt all data before deleting the old cert. Well there are no encrypted files or folders. So it seems it would be safe to go ahead and delete the old cert even without the key because I'm just going to add the new one and then encrypt some stuff using that cert. Or is there any other effect of deleting that cert, and not having its key, that's going to bite me?
Thanks.