← Back to Knowledge Base

KB #240135: Key Recovery Instructions

⏱️ 3 min read

Type:

Info

Summary:

You have lost the information regarding encryption keys, and need assistance to recover your keys.

Additional Information:

When you secure a service or application using the Administration Wizard, you have the option of creating a Key Recovery file. This is a default option. If you did not undo this default option, then you should have the files needed to recover the key.

The files to find are in the directory where the secured service or application resides:

For instance for SQL Server, you will find these files:
...MSSQLBinnsecservr.sec
...MSSQLBinnsecservr.seb

For MySQL, you will find these files:
...binmysqld.sec
...binmysqld.seb

If both of these files exist, then we will be able to help you. If they do not exist, then we are afraid that your options for key recovery beyond trial and error are limited.

In order to perform key recovery, we require a signed letter from an executive or officer of the company on company letterhead to be able to proceed.

This letter should state that NetLib Security Inc is authorized to take steps to discover the encryption key.
When the key is recovered we return the Key information in a password protected file.

This letter should also indicate the authorized person (provide contact name, email address and phone number) to receive the password protected file.
Also provide a second authorized person (contact name, email address and phone number) who will receive the password for the protected file containing the recovered key information – so that you can keep this information separated.

This letter should be scanned.

If you have been referred to this KB article as the result of already creating a case through our form, you can attach the scanned letter to a reply to the Case email sent to you.

If you are requesting key recovery and have not yet files a support case, then visit our support page (https://netlibsecurity.com/support/) and complete a support request requesting that the key be recovered. At the bottom of the support page, you can upload a file. You should upload the scanned letter as part of your request. You will receive an automatic reply with a case number.

Next, find the .sec and .seb files as noted above.

“ZIP” those two files together and attach to a reply email for the case.

Once the Encryption key is determined, we recommend that all databases are re-encrypted to a new known key or decrypted. If you do choose to re-encrypt to a new key, we recommend that the information to generate the key is kept in a secure document with your security officer, so that the it can be used later should there be personnel turnover.

Related Topics:

240102: Encrypted Databases not accessible (Recovery Pending, Suspect)

240085: SQL will not start – related articles

240086: fn_n_keycount() returns Zero, when greater than Zero expected

Was this article helpful?

Related Articles

KB #240072 : Log Shipping with Encryptionizer (driver v2008.401.40 and earlier)

Type: Tip Summary: Log Shipping is supported with the procedure outlined below, and only with…

KB #240058: Event ID for the system log entries for nlemsql are “not found”

Type: Known Issues Summary: You have secured your SQL instance with Encryptionizer and have selected…

KB #240146: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

Type: Fixed. Summary: This issue has been addressed in Encryptionizer versions 2501.1.7.50217. If you have…

Still need help?

Our support team is here to assist you.

Contact Support 📞 1-877-367-1177
NetLib Security
AI Assistant · Online
Hi! I'm the NetLib Security assistant. I can answer questions about our encryption solutions, HIPAA compliance, Encryptionizer, and more. How can I help you today?