Enabling Key Archiving with a Microsoft CA
Before you can enable key archiving with a Microsoft CA, you must be sure that key escrow and recovery is enabled.
-
On the Microsoft CA machine, from the Start menu, point to Programs, click Administrative Tools, and then click Certification. The Certification Authority window is displayed.
-
In the console tree, expand Certification Authority, right-click the CA you want to enable for key archiving, and then click Properties.
-
In the Properties window, select the Recovery Agents tab, and then select the Archive the key option.
-
Click Add and select the required Key Recovery Agent certificate.
This adds the recovery agent(s) to the Key recovery agent certificates list.
-
Click OK.
