Once the validation of FileVaultMaster keychain file is complete, ensure you delete the 'FileVaultMaster Password Key' (private key).
- Navigate to FileVault Master Password Key > Delete "FileVault Master Password Key" and select Delete to confirm deletion of the private key.
- Enter your administrative User Name and Password.
- Select Modify Keychain.
By the end of this step, you have a FileVaultMaster.keychain file which does not contain the private key. This Keychain can be placed in \Library\Keychains in order to manually enable FileVault2 encryption with an Corporate Recovery Key.