
Server crash; no cert backup; possible to restore?


jenlion

IS-IT--Management
Nov 13, 2001
215
My customer had a certificate on their Server 2003 machine. It was called when encrypting and decrypting credit card numbers.

The machine inconveniently went kaput this week without warning. OS is apparently trash.

We have everything running again, but have no way to access the old credit card numbers. Seems they backed up a cert from a previous install, and never the one they were actually using. We DO have the .crt and .edb files, but no .pfx.

Is there ANY way to get that old cert back in so we can decrypt that information???
 
Politely - you're hosed...

If you don't have the certificate, you won't be able to access the data. Depending on the config, you may see if pulling a hard drive and connecting it to a USB-to-IDE/SATA cable will allow you to access the data, and search for the certificate.

Hope that helps...

Mike Molenda

RSA Corp - Houston, TX
Technical Assistance Center
 
The old hard drive is connected as a slave - the OS on it won't boot, but we have everything on it except for whatever key piece of Windows got trashed, preventing it from booting. The old certificates are there. Just no pfx.

I told them I'm pretty sure they're hosed, too. But if there's any way to recover enough from an old hard drive... what generates a pfx anyway? Is there info in the old registry to look at? ANY way to retrieve?

I think it's designed specifically so black-hatters can't reconstruct and steal info, but I need to be sure :)

Thanks!
 
Had to look it up to be sure...

The PFX file is generated by the certificate authority - it's designed to ensure the PFX file only comes from one place. In Windows, the command is on this post:


You need to have access to the original certificate server (either the Win2003 box or whatever service made the certificate) in order to recreate the PFX file. In your case, because Windows is toast, it's impossible to recreate it. If it was provided by an outside vendor (VeriSign, GoDaddy, etc), you MAY be able to retrieve it from them, but I doubt it - I usually use self-signed certificates generated from Windows, so don't hold me to that.

The only way to retrieve it is to have a thousand monks spend a hundred years trying every possible permutation - don't think too many people have access to that many monks...

To sum it up - it's like having one person knowing the key to a state-of-the-art bank vault. If that person dies, the vault stays sealed, unless you have the time and money to hire someone to crack it.

Hope that helps...

Mike Molenda



RSA Corp - Houston, TX
Technical Assistance Center
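
Added example, not part of the original thread: the backup described in the first post held a certificate from an earlier install instead of the one in use. The check below compares the public key of the live certificate with the private key stored in a .pfx backup, so that kind of mismatch is caught before a crash. It assumes the openssl CLI; the function names, file names and the password `demo` are hypothetical.

```shell
# Added example: check that a .pfx backup holds the private key for the
# certificate actually in use. Requires the openssl CLI; names are hypothetical.

# Public key of a certificate file (.crt/.cer), PEM or DER encoded.
cert_pubkey() {
    openssl x509 -in "$1" -noout -pubkey 2>/dev/null ||
        openssl x509 -in "$1" -inform DER -noout -pubkey 2>/dev/null
}

# Public key derived from the private key stored in a PKCS#12 (.pfx) file.
# Prints nothing if the file has no private key or the password is wrong.
pfx_pubkey() {
    openssl pkcs12 -in "$1" -nocerts -nodes -passin "pass:$2" 2>/dev/null |
        openssl pkey -pubout 2>/dev/null
}

# check_backup <live.crt> <backup.pfx> <password>
# 0 = backup key matches the live cert, 1 = key belongs to another cert,
# 2 = no usable private key in the backup, 3 = live cert unreadable
check_backup() {
    live=$(cert_pubkey "$1") || return 3
    backup=$(pfx_pubkey "$2" "$3") || return 2
    [ -n "$backup" ] || return 2
    [ "$live" = "$backup" ] || return 1
    return 0
}

# Constructed sample data: two throwaway self-signed certs ("old" install and
# the one "inuse") with PFX exports, written to directory $1.
make_fixture() {
    for n in old inuse; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$n" \
            -keyout "$1/$n.key" -out "$1/$n.crt" 2>/dev/null || return 1
        openssl pkcs12 -export -inkey "$1/$n.key" -in "$1/$n.crt" \
            -out "$1/$n.pfx" -passout pass:demo || return 1
    done
    # A "backup" exported without the private key, equivalent to a bare .crt.
    openssl pkcs12 -export -nokeys -in "$1/inuse.crt" \
        -out "$1/certonly.pfx" -passout pass:demo
}

# Command-line use: script <live.crt> <backup.pfx> <password>
if [ "$#" -eq 3 ]; then
    check_backup "$@" && echo "backup OK" || echo "backup unusable (code $?)"
fi
```

A result of 1 or 2 means the backup cannot decrypt data encrypted to the live certificate, which is the situation the thread describes.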
 