HI, Let say if client PC crashes and don't have Certificate backup, does the CA Sever have backup somewhere for me to if I need to backup client certificates? Does it save to any type of folder or i need to export from? I checked the Certificate manager, but only allowed to export as bineary. CA Serve: Windows 2008 R2 Client: Windows 7 Thx Angkor

Hi, On CA server, you can following the steps below to export a certificate: 1. Right click on the certificate and then click Properties. 2. Click the Details tab, and then click Copy to File. 3. Follow the wizard to export it. Regards, Bruce

That depends on what type of certificate was issued and what was it used for. Some certificates can be revoked and re-issued. If you are refering to an EFS (encryption) certificate, and you want to recover the encrypted information on that computer then you should configure a DRA. Add a recovery agent for a domain : http://technet.microsoft.com/en-us/library/cc778448(WS.10).aspx Back Up the Private Key of the Domain's EFS Recovery Agent : http://technet.microsoft.com/en-us/library/cc755157(WS.10).aspx Using Data Recovery Agents with BitLocker : http://technet.microsoft.com/en-us/library/dd875560(WS.10).aspx#BKMK_proc_dra Also be sure that you have you Certification Authority server backed up: http://technet.microsoft.com/en-us/library/cc737405(WS.10).aspxMCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, On CA server, you can following the steps below to export a certificate: 1. Right click on the certificate and then click Properties. 2. Click the Details tab, and then click Copy to File. 3. Follow the wizard to export it. Regards, Bruce

That depends on what type of certificate was issued and what was it used for. Some certificates can be revoked and re-issued. If you are refering to an EFS (encryption) certificate, and you want to recover the encrypted information on that computer then you should configure a DRA. Add a recovery agent for a domain : http://technet.microsoft.com/en-us/library/cc778448(WS.10).aspx Back Up the Private Key of the Domain's EFS Recovery Agent : http://technet.microsoft.com/en-us/library/cc755157(WS.10).aspx Using Data Recovery Agents with BitLocker : http://technet.microsoft.com/en-us/library/dd875560(WS.10).aspx#BKMK_proc_dra Also be sure that you have you Certification Authority server backed up: http://technet.microsoft.com/en-us/library/cc737405(WS.10).aspxMCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, does the link you had provided http://technet.microsoft.com/en-us/library/cc737405(WS.10).aspx does it backup both CA and Clients Certificates? Thx ANGKOR

Bruce, I had tried export the Certificate but have two questions: 1. When we export the Cert from CA, What kind of key in the Cert? Does it include public or private or both? 2. How can we verify if cert has public or private or both? Thanks for your help.