Windows 10: Encrypted My .PFX!

OK, so I fucked up! I backed up and then wiped one of my HDD's and reinstalled Windows 10 Pro.

When I went to copy everything back over I realized I did not decrypt my files before wiping. Oops!

I have the .pfx files and I do know the password, but I am unable to open it in Certificates Wizard...or anything else...getting the error "Access is Denied" when trying to do anything with any of the files.

Is there any way around this? I'm going to be losing quite a bit of stuff if so...

submitted by /u/Line_Stepper2020
[link] [comments]

:)

 

Decrypting bitlocker encrypted OS volume with .pfx certificate

I have a windows 10 operating system partition that is encrypted with bitlocker.
Unfortunately I don't remember ever having activated bitlocker encryption nor can find and
.bek file or numeric pin or password.

My first uncertainty is in why my device is encrypted in the first place and who encrypted it. There are two possibilities: I have encrypted it myself and forgotten about it. The manufacturer that shipped the laptop has encrypted the device
when installing the operating system (which I don't think is the case). I contacted the manufacturer and they do not have knowledge of any key.

My second uncertainty is in why the bitlocker lockout was triggered at this time when it worked fine for the last year or so. It says
Boot policy has unexpectedly changed. From what I have red so far, there are a lot of reasons why this can happen. Probably it happened because I did not properly remove a external USB harddrive or I changed some BIOS settings without knowing what
I was doing. The only important question is if it is it in principle possible to roll back the boot policy to its initial state and thus circumvent the necessity to enter the bitlocker code?

My third uncertainty is concerning the unlock key. I found a
.pfx certificate file that I might have exported during the encryption procedure, I just don't remember. I found a post

https://www.einfaches-netzwerk.at/teil-20b-bitlocker-dra/ where a drive is indeed decrypted with the
sha1 certificate thumbprint like this:

manage-bde -unlock i: -cert -ct "46 4f 75 9b f9 67 7a d2 44 d0 7b 64 61 63 16 80 df dc 0b a2"

which I can easily retrieve from the .pfx file.

My question is now, assuming this .pfx certificate indeed contains the key to do the decryption, how can I export this certificate to the certificate store so that the above command will work?

How can I install the .pfx certificate from the elevated command prompt (I cannot do it from within the GUI because it is my OS volume that is locked so I only can access it with the recovery console)?

I tired:

certutil -f -p somePassword -importpfx "somePfx.pfx"

as outlined here
https://stackoverflow.com/questions/5171117/import-pfx-file-into-particular-certificate-store-from-command-line?noredirect=1, but
certutil command is not found.

Here is the output of the manage-bde -status command

Can someone give a hint on how to decrypt a bitlocker encrypted OS partition with a
.pfx file and clarify if the steps outlined are in principle correct and should work if the certificate is the right one?

I would appreciate any your comments.

 

Windows 10 Encryption Backing Up the Certificate

Windows 10 Encryption.

My problem is when I try to backup the Certificate Key to an external drive as is recommended by Microsoft. ("Backup your file certificate key...")

The Certificate Export Wizard pops up.

I click NEXT.

The default display is for a .pfx file (which I assume is the default Certificate format when I encrypted the document).

I click NEXT.

Asks for a password and confirm password.

I complete the password step and click NEXT.

THEN THE PROBLEM

It asks for a "file name" for "File to Export.... Specify the name of the file you want to export"

I DON'T KNOW THE FILE NAME FOR THE CERTIFICATE.

The Certificate was automatically generated when I encrypted the file - it did not tell me what the certificate name is or where it is stored.

When I click the browse button, it is looking for a .pfx file but to perform the search I am required to click on every single subfolder individually to search for the .pfx file. It is not in the documents folder fyi.

How do I find the Certificate .pfx file in order to export it?

 

Device Encryption not avaiable

Hello Fraczek,

Thank you for contacting Microsoft Community.

We understand your concern in this regard.

• Are you referring to BitLocker Drive Encryption?
• What preventing you from doing this?
• Did you get any error message or code while doing this?

Before you come up with the above information, suggest you to refer the article

Help protect your files using BitLocker Drive Encryption and see if it help you.

Do refer the article
Windows BitLocker Drive Encryption Step-by-Step Guide and check if it help you with the required information.

Keep us posted if you require further assistance.