You don't have to specify anything. You can use any certificate that has
this purpose "Encrypting File System (1.3.6.1.4.1.311.10.3.4)". Other that
this it can come from any CA server or can even be self signed.
If this doesn't help, explain what you need to do and maybe we can suggest
another solution.
Certificate Authorities will implement that by default. User certificates and many
others can be used for EFS. There is also a certificate just for EFS encryption. If
you want to see what certificate templates are already configured on a CA, open the
Certificate Authority mmc snapin and find the CA and go to policy settings to see the
current certificate templates available. From there select new/certificate to issue
to see the other available templates. Be sure to read the EFS best practices link
below if you have not done so yet. --- Steve
