How is the Master Certificate used for recovery?
If a Master Certificate was configured by installation setting or policy update, all files encrypted by SEE Removable Storage from that time forward will be encrypted under the Master Certificate’s public key. This provides recovery of encrypted files should the certificate and/or password that the user used to encrypt the file be lost, revoked, or forgotten. To recover files encrypted under a given Master Certificate, you will need to provide the private key associated with that Master Certificate. This private key should be stored on a token in a physically secure location. Copy the files to be recovered to a workstation which also has the SEE Removable Storage Access utility. In this example, the Master Certificate (including the associated private key) has been stored on an Axalto smart card, and the recovery workstation has been configured with the Axalto software and a smart card reader. Insert your smart card into the reader and authenticate to the smart card software. This will make any certificates stored on the smart card available to your local certificate store.
1. Launch the Access utility.
2. Choose File and click Open File(s). Navigate to the encrypted file or files to be recovered, then click Open.
3. The file(s) will be listed in the main window of the Access utility.
4. Select the file(s) to be recovered and click Decrypt.
5. Insert your smart card when prompted, then click OK.