Carbonite Support > Managing Your Private Encrypti...

Our product offerings have been renamed. Carbonite Home Backup is now Carbonite Safe Backup, and Carbonite Office Backup is now Carbonite Safe Backup Pro.

Managing Your Private Encryption Key for Carbonite Safe

  • This article is for Windows only

During the initial installation, Carbonite Safe allows you to manage your own encryption key for Windows computers. If you choose to manage your own encryption key, Carbonite will prompt you to save a .PEM file which Carbonite will reference to encrypt your files before backing them up to our servers. Managing your own encryption will make it so you are the only person capable of installing the Carbonite subscription. We recommend that you do not manage encryption keys unless you have a special need to do so given the risk of data loss.

Carbonite does not keep a copy of your private encryption key. If you lose the encryption key file or no longer have the password, Carbonite will be unable to restore the data. In addition, you will be unable to use Anytime Anywhere Access or request Courier Recovery.

The sections below are collapsed. Please click the section title to open / close a particular section.

Installing Carbonite and Managing Your Encryption Key

To manage your private encryption key, you will need to configure Carbonite during the initial installation.

If you did not opt in to manage your own encryption key during installation of Carbonite, you will be unable to switch the encryption method. However, you can request to have your backup deleted and start a new backup to enable the encryption.

Click advanced settings at the bottom of the Automatic settings page.

Carbonite Client: Click advanced settings

After choosing your initial backup preferences and specifying whether you would like to set a backup schedule, you’ll be able to opt to manage your encryption key.

On the Encryption key page, select the Manage your own encryption key option and click Next.

Carbonite Client: Click Manage my own encryption key

Check I understand I will not be able to restore my files if I lose my key checkbox and click Save my encryption key to choose a location to save your private encryption key.

We recommend that you save the encryption key to removable storage or to a separate physical location such a safe box. You can add a password for your encryption key, by clicking Password protect your encryption key and fill out the appropriate fields. If you choose this option, the password will be required to unlock the encryption key file.
Carbonite Client: Click Manage my own encryption key

Select a location to save the file and click OK.

Windows Explorer: Browse to the folder you wish to save the file and click OK

After you confirm that the encryption key has been saved, click Start Backing Up to continue with the installation.

If you decide later that you want Carbonite to manage your private encryption key, you can upload your .PEM key through your Carbonite account.
Reinstalling Carbonite with Your Private Encryption Key

Each time you reinstall Carbonite, you will need to reference the private encryption key. You will also need to know your encryption key password, if you created one.

To load your encryption key, select Browse... to the right of the Load encryption key field.

Carbonite Client: Click Browse

Browse to the location of your encryption key and click Open.

The encryption key will have the .PEM format.
Carbonite Client: Click Load Encryption Key

After the encryption is selected, enter the encryption key password (if applicable) and click Load Encryption Key.

If you did not create an encryption key password when you first installed Carbonite, leave the Encryption key password field blank.
Carbonite Client: Click Load Encryption Key

At this point, Carbonite will complete installing.

Uploading Your Private Encryption Key

Managing your private encryption key will disable the use of Anytime Anywhere Access and Courier Recovery. If you wish to enable these features, you will need to upload your private encryption key to Carbonite.

If you upload your private encryption key, Carbonite will manage the encryption key for you, so you no longer need to keep a copy of your key.

First, locate the encryption key file which was saved during the initial installation. By default, the file is named Carbonite-Encryption-Key.pem.

To upload your private encryption key, sign into your Carbonite account with the button below.

Sign In

From the Computer options dropdown, click Upload my encryption key.

Carbonite Safe Portal: From the Computer options dropdown, click Upload my encryption key

Click Choose File to choose the encryption key file and click OK.

Carbonite Safe Portal: Click Choose File to select the .PEM file and click OK once the file is selected

Click Upload Key File to allow Carbonite to manage your encryption key.

Carbonite Safe Portal: Click Upload Key File to upload the selected .PEM to Carbonite

Your encryption key is now managed by Carbonite.

Feedback