The present invention provides a computer implemented method, data processing system, and computer program product to restore an encrypted file. A computer receives a command to restore an encrypted file, wherein the encrypted file was previously backed up. The computer identifies a user associated with the encrypted file. The computer looks up a first keystore of the user based on the user, the first keystore having an active private key. The computer determines that a public key of the encrypted file fails to match an active public key of the first keystore. The computer restores a second keystore of the user to form a restored private key, wherein the second keystore was previously backed up. The computer responsive to a determination that the public key of the encrypted file fails to match the active public key of the first keystore, decrypts the encrypted file encryption key based on the restored private key to form a file encryption key. The computer encrypts the file encryption key with the active private key of the first keystore.