Home Accounts How to copy an electronic one. Copying a flash drive with private keys. How to copy a container with a certificate to another medium? How to find out the version of CryptoPro CSP. Installation via menu install personal certificate

How to copy an electronic one. Copying a flash drive with private keys. How to copy a container with a certificate to another medium? How to find out the version of CryptoPro CSP. Installation via menu install personal certificate

If the electronic signature was issued to the PC registry, then you can copy it to a medium using the following instructions.

Step 1. Open CryptoPro and go to the “Service” tab, then click on the “Copy” button as shown in the instructions.

Step 2. In the window that appears, click the “Browse” button to select the electronic signature container you need to copy.

Step 3. In the list of existing containers that appears, select the container you need, which you need to copy to the media and click the “OK” button.

Step 4. Confirm the action by clicking the “Next” button in the window that appears

Step 5. In the window that appears, specify the name of the new container that will be created on the media. The name in the field is entered automatically, so you can simply leave it unchanged. Click the "Done" button.

Step 6. A media selection window will appear. Select the desired medium from the list to which you want to copy the electronic signature. In order to understand which media to select from the list, look at the “Inserted media” field: it will either say “Media is missing,” which means you have selected a non-existent media, or the media name will appear similar to the name in the screenshot. Select and click OK.

Step 7. After you select the media, a window will appear to enter the PIN code for the new electronic signature container. We recommend entering the standard PIN code “12345678”, because... clients often forget or lose their PIN codes, after which the electronic signature has to be reissued. You can set your (different) PIN if you are sure that you will not lose it. After entering the PIN code, click the "OK" button.

Ready. Now the electronic signature container has been copied to the selected medium and you can use it.

If you don’t want to understand these details, we will help. You can even call our engineer to your office.

Copy using Windows

If you use a floppy disk or flash drive for work, you can copy the container with the certificate using Windows (this method is suitable for versions CryptoPro CSP not lower than 3.0). Place the folder with the private key (and, if there is one, the certificate file - the public key) in the root of the floppy disk / flash drive (if you do not place it in the root, then working with the certificate will be impossible). It is recommended not to change the folder name when copying.

The folder with the private key should contain 6 files with the extension .key. As a rule, the private key contains a public key (the header.key file in this case will weigh more than 1 KB). In this case, it is not necessary to copy the public key. An example of a private key is a folder with six files and a public key is a file with the .cer extension.

Private key Public key

Copy to Diagnostics profile

1. Go to the “Copying” Diagnostics profile using the link.

2. Insert the media to which you want to copy the certificate.

3. On the desired certificate, click on the “Copy” button.

If a password has been set for the container, the message “Enter the password for the device from which the certificate will be copied” will appear.

4. Select the media where you want to copy the certificate and click “Next”.

5. Give the new container a name and click on the “Next” button.

6. A message indicating that the certificate was successfully copied should appear.

Bulk copy

Download and run the utility. Wait for the entire list of containers/certificates to load and select the required checkboxes.
Select the Bulk Actions menu and click on the Copy Containers button.

3. Select the storage media for the container copy and click OK. When copying to the registry, you can check the box “Copy to the key container of the computer”, then after copying the container will be available to all users of this computer.

4. After copying, click the “Update” button at the bottom left.
If you want to work with copied containers, you need .

Copying using CryptoPro CSP

Select “Start” > “Control Panel” > “CryptoPro CSP”. Go to the “Service” tab and click on the “Copy” button.

In the Copy Private Key Container window, click on the Browse button .

Select the container you want to copy and click on the “Ok” button, then “Next”. If you are copying from a root token, an input window will appear in which you should enter a pin code. If you have not changed the pin code on the media, the standard pin code is 12345678.

Create and manually specify a name for the new container. Russian layout and spaces are allowed in the container name. Then click "Done".

In the Insert Blank Key Media window, select the media on which the new container will be placed.

You will be prompted to set a password for the new container. We recommend that you set a password that is easy for you to remember, but that others cannot guess or guess. If you do not want to set a password, you can leave the field blank and click OK.

Do not store your password/pin code in places where others have access. If you lose your password/pin code, using the container will become impossible.

If you copy the container to a ruToken smart card, the message will sound different. In the input window, enter your pin code. If you have not changed the pin code on the media, the standard pin code is 12345678.

After copying, the system will return to the “Service” tab of CryptoPro CSP. Copying is complete. If you plan to use a new key container to work in Externa, .

To perform any actions on the digital signature, copy the digital signature, delete or install it, you need the CryptoPro program installed on your computer.

In order to copy the digital signature, you need to go to Start-All Programs-CryptoPro and run the CryptoPro CSP file.
Next, go to the Service tab.

Click on the “Browse” button.

Select the required container and click “OK”.

Note:

In the image above, you can see the presence of two columns: On the left is the “Reader” column and on the right is the “Container Name” column. This information will help you decide which digital signature to copy.

The inscription “Register” in the reader column means that the digital signature is on the computer. Otherwise, the digital signature is located on some medium (flash drive, floppy disk or secure media). In the case shown in the image, there are three digital signatures recorded on the computer and one signature recorded on Rutoken.

You can understand which certificate you need to copy by looking at the “Container Name”. The “container name” is made up of serial number, date of issue of the certificate and name of the organization.

In the case we are considering, we choose the digital signature located on the protected Rutoken media.

Select and copy the container name, click “next”.

Paste the container name copied in step 5 into the “Key container name” field, add any few characters or spaces and click the “Finish” button.

Next, we need to select the location where we want to copy the digital signature. This could be a computer, a flash drive or secure media. And click ok.

Note:

In the case we are considering, we copy the digital signature to a flash drive by selecting its name in the list of devices. If you need to copy your digital signature to your computer, you should select “Register” from the list of devices.

Next, the system will ask you to create a password for the container. If you do not want to create a password, then leave the fields blank, as shown in the image. And just click “OK”.

This completes the digital signature copying.

VLSI uses the CryptoPro CSP program to work with keys. The key is in the container, and the container is on the carrier. In my work I use media: Rutoken, Jacarta, registry and flash drive. There is always one key in the container. You can place many containers on one carrier, as long as there is enough space.

CryptoPro doesn't see hard drive computer as a storage medium, so I can't copy the container to it!

You can copy the key in different ways. I know five.

CryptoPro CSP: Service - Copy. Figure 2. This is the main and universal method. I can select any key and copy it to any available media.
On the website online.sbis.ru: Employees - Electronic signatures- Other operations - Copy existing.
In the VLSI program: Taxpayer Creation Wizard - Make backup copy EP.
Key on the flash drive: copy a directory with extension .000, which contains 6 files.
Key in the registry: upload the registry branch to a file, replace the user code and load. At first glance it is difficult. But when there are a lot of keys, then this is the most quick way. When copying, the names of the containers are preserved. Search Yandex for words for 32 or 64.

Figure 1. Open CryptoPro

Figure 2. CryptoPro - Service

An example of transferring a key using CryptoPro

The registry is part of the operating system Windows systems. You cannot remove the registry or part of it from the computer and take it to a second one. You can copy the key from the registry to removable media. All removable media(flash drive, token) can be removed from the first PC and inserted into the second.

Let's say I have 5 keys in the registry, and I want to transfer them to the registry on a second computer.

First of all, I look through all the containers in CryptoPro (Service - View certificates in a container) and write them down on a piece of paper. I make a list: the first 3 letters of the container and a name that I understand.

Then I copy it to a flash drive (Service - Copy). When copying, I set a new name in Russian so that in the future it will be convenient for me to use it. Example, 1601 Dandelion, where 16 is 2016, 01 is January, Dandelion is Dandelion LLC.

I take the flash drive to the second computer and copy it from the flash drive to the registry in the same way. I add a dot at the end to the container name so that the names are different.

What's the password?

When the key is on a flash drive or in the registry, the user can set a password, and then each time the key is accessed, the password must be specified. To avoid typing the password every time, you can save the password. You can view the saved password with the command:

csptest -passwd -showsaved -container "container name"

When the key is on the token, then instead of the password for the key, the PIN code is used, which is specified when formatting the token.

My new post will be devoted to the Crypto Pro program, it seems to be nothing complicated, but I keep having problems with this software, either because I have to deal with it once or twice a year or because the software is like that, but in general I decided to make a reminder for myself and for you.

Task: Provide access to the Kontur Extern program on two machines, OK, let's get started.

What do we have: One already working key on the SD card.

What you will need: We need any SD card, USB flash drive You can also upload it to the registry or you can use the so-called RUtoken. I will install on RUtoken, and you can use any of the options.

Yes, another small note, if you have a domain computer, it is better to do all this under the administrator account.

And so let's get started

Find the program in the start menu or control panel,

Let's launch the program.

Go to the tab Service and press the button Copy.

You will be required to enter a password of any 8 characters. Enter the password and press Next.

In the next window, we need to set the name of the container (I always use the one that is convenient for me; we have 2 organizations and I use the name-01 and 02 markings; you can also use the organization’s TIN for separation.) and then click the button Finish.

Here you will once again need to enter the password for the new container, make the same one and click OK.

In the next dialog box, you need to select the media where to copy our container, I select RUtoken and you need to select the media where you are going to install the container.

Once you have chosen, click the button Next. Then Finish.

That's basically it, the key has been copied. All that remains is to install it for a specific user.

There are two options here:

Option 1.

Go to CryptoPro again, open the service tab and click on the button View the certificates in the container.

In the dialog box that opens, open the container we need and click the button OK. then press the button Next.

In the next window, click the U button become, if it is not there, then press button C troops.

In the window that opens, click the U button install a certificate. The certificate import wizard will open where you need to click Next.

In the window that opens, you need to leave everything as it is and click Next.

If the certificate is installed successfully you should see the following dialog box.

Option 2.

Installation via install menu personal certificate.

To install the certificate, we need the certificate file itself (a file with the extension .cer) it is located on the media where we copied it, in my case it is rutokin.

And so, open CryptoPro again and go to the tab Service and press the button Install a personal certificate.

In the window that opens, find this certificate by clicking on the button Review.

In the next dialog box, check the box next to Find container automatically, after which the program will automatically find the container you need. Then click the button Next.

Then a window may appear asking you to select the storage location for the certificate; you need to select Personal and click the button OK.

Then a dialog box may appear where you need to click a button Yes.

Then wait for a message about successful installation.

Then you need to remove your device to which the container with keys refers and insert it back, after the device is found you can try.

If you have any questions because different versions CryptoPro may undergo various changes, so if you ask, leave your comments, I will always be happy to help you.