Windows 8 EFS: How to tell windows to use "this" certificate for EFS encryption?
First, decrypt everything. This way you don't have to worry about a mess of conflicting security certificates.
Second, log in as an administrator and perform these steps.
Open Certificate Manager by clicking the Start button , typing certmgr.msc into the Search box, and then pressing ENTER. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Click a folder, click the Action menu, point to All Tasks, and then click Import.
Click Next, and then follow the instructions.
Note
If you click Browse to search for a certificate when using the Certificate Import Wizard, be aware that the Open dialog box only displays X.509 certificates by default. If you want to import another type of certificate, select the certificate type you want to import in the Open dialog box.
As long as the certificates intended purposes includes Encrypting File System, you'll be able to use it.
After the new certificate is installed and you've tested it, delete the old self-signed security certificate.
Third, encrypt whatever you need encrypted.
Go to Control Panel -> User Accounts -> User Accounts.
In the left menu, select:
Manage your file encryption certificates
This launches a little wizard:
that lets you view your currently installed certificates, and select which one is your current one:
In my case, after my Windows 10 reinstall i want to use use my existing, backed up, EFS key from 5 years ago:
And the wizard even presents a UI to have it re-encrypt files that were encrypted with the old key: