Export (0) Print
Expand All

Configure a certificate template for key archival and recovery

Updated: November 7, 2012

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

 

To configure a certificate template for key archival and recovery

  1. Open Certificate Templates.

  2. In the details pane, right-click the certificate template that you want to change, and then click Properties.

  3. On the Request Handling tab, select the Archive subject's encryption private key check box.

Notes

  • To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • To open Certificate Templates, click Start, click Run, type certtmpl.msc, and then press Enter.

  • This procedure is applicable to version 2 templates. For more information about version 2 templates, see Related Topics.

  • In addition to this procedure, the certification authority must be configured to archive keys. For more information, see Related Topics.

  • Clients must be re-enrolled to receive a certificate that is based on the changed template if they already have a valid certificate that is based on the old template. For more information about re-enrolling clients, see Related Topics.

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft