http://blogs.technet.com/b/pki/archive/2012/01/23/efs-certificates-may-be-recovered-as-cng-certificates-when-capi-csp-is-required.aspxIf a Key Recovery Agent (KRA) certificate is stored in a Cryptography Next Generation (CNG) Key Service Provider (KSP), the certutil -RecoverKey command will by default recover a key as a CNG certificate. This default behavior could cause an issue ifen-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)