In window 10 enterprise, corporate environment (if it matters). I have a single file with info I want to protect, and I want to encrypt just this single file. And I only want to do this in Windows, if it's just win10 that's ok.
I right click on that file and do Properties – General – Advanced and check Encrypt contents to secure data.
The resulting error is Error applying attributes – Recovery policy configured for this system contains invalid recovery certificate.
- What does that error mean?
- What means are there of encrypting just a single file (win7 or win10)? I do not want to use 3rd party software if I do not have to.
- Is this an Enterprise setup type of error/problem, or should I expect any win10 home/pro/enterprise version to be able to do this much like opening/creating a .zip file?
Best Answer
Since you said you are in a corporate environment, this means someone has (wrongly) setup recovery policies for encrypted files in your domain.
Windows' built-in Encrypting File System can be configured to allow recovery of encrypted files by administrators (or other people who have been given access to the certificate configured for file recovery); this means that whoever manages your environment can decrypt your files.
However, in your case this happens to have been wrongly configured: your system is trying to encrypt your files in a way that would allow administrators to decrypt them, but it's failing due to certificate issues.
If you want to encrypt your files using Windows EFS (and you are ok with your company being able to decrypt them), you should complain to your ICT people.
If you want to encrypt your files in a way that will not allow your company to decrypt them, then you should use another solution; but you should ask your ICT people nevertheless, because this could be (and probably is) forbidden by company policy.