Key archival

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

When subjects lose their private keys, any information that was persistently encrypted with the corresponding public key becomes inaccessible. To help avoid this, Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition, can archive a subject's keys in the certification authority (CA) database when certificates are issued. The CA encrypts and stores these keys. If a subject loses its keys, the archived keys can be retrieved from the database and provided to the subject. This allows the encrypted information to be recovered instead of lost.

Important

  • Key archival and key recovery are only available on Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition, running an enterprise CA.