• Purpose of CryptoPro CSP. Purpose CryptoPro CSP Software CryptoPro csp version 3 x


    As a rule, the idea to download Cryptopro 3.9 R2 for Windows 10 appears among entrepreneurs with a lot of paperwork. However, the product is also suitable for everyday purposes, because electronic signatures are increasingly becoming part of the life of an ordinary person.

    Peculiarities

    Cryptopro 3.9 R2 is a multifunctional cryptographic software. The latest, most current version is used on any Windows 10 device, including tablets. The scope of application of this program is very extensive:
    • Protection of the authorship of documents;
    • Ensuring secure document flow;
    • Working with electronic signatures;
    If you care about the security of your document flow, then downloading Cryptopro 3.9 R2 will be the right decision. This is a domestic development, and although it deals with very complex issues in technical terms, working with the program is very simple. Of course, if you have little idea what Cryptopro is, then it’s better to first study the documentation and only then get started.

    The installation takes place in several stages, but to avoid mistakes, download the correct version - x32/x64 bits. And if your computer is running without , then even the most powerful cryptographic protection of documents will not protect you from possible penetration. Therefore, we recommend installing

    CryptoPro CSP 5.0 is a new generation of crypto provider, developing three main product lines of the CryptoPro company: CryptoPro CSP (classic tokens and other passive storage of secret keys), CryptoPro FKN CSP/Rutoken CSP (unretrievable keys on tokens with secure messaging) and CryptoPro DSS (keys in the cloud).

    All the advantages of products from these lines are not only preserved, but also multiplied in CryptoPro CSP 5.0: the list of supported platforms and algorithms is wider, performance is higher, and the user interface is more convenient. But the main thing is that working with all key media, including keys in the cloud, is now uniform. To transfer the application system in which CryptoPro CSP of any version worked to support keys in the cloud or to new media with non-removable keys, no software reworking will be required - the access interface remains the same, and work with the key in the cloud will occur exactly the same in the same way as with the classic key carrier.

    Purpose of CryptoPro CSP

    • Generating and verifying an electronic signature.
    • Ensuring confidentiality and monitoring the integrity of information through its encryption and imitation protection.
    • Ensuring authenticity, confidentiality and imitational protection of connections using the and protocols.
    • Monitoring the integrity of system and application software to protect it from unauthorized changes and violations of trusted functioning.

    Supported Algorithms

    In CryptoPro CSP 5.0, along with Russian ones, foreign cryptographic algorithms are implemented. Now users have the opportunity to use familiar key media to store RSA and ECDSA private keys.

    Supported key storage technologies

    Cloud token

    In the cryptoprovider CryptoPro CSP 5.0, for the first time, it became possible to use keys stored on the CryptoPro DSS cloud service through the CryptoAPI interface. Now keys stored in the cloud can be easily used by any user applications, as well as most Microsoft applications.

    Media with non-retrievable keys and secure messaging

    CryptoPro CSP 5.0 adds support for media with non-retrievable keys that implement the protocol SESPAKE, allowing authentication without transmitting the user’s password in clear text, and establishing an encrypted channel for the exchange of messages between the crypto provider and the carrier. An attacker located in the channel between the medium and the user's application can neither steal the authentication password nor replace the signed data. When using such media, the problem of secure work with non-removable keys is completely solved.

    The companies Active, InfoCrypt, SmartPark and Gemalto have developed new secure tokens that support this protocol (SmartPark and Gemalto starting from version 5.0 R2).

    Media with non-removable keys

    Many users want to be able to work with non-retrievable keys, but not upgrade tokens to the FKN level. Especially for them, the provider has added support for the popular key carriers Rutoken EDS 2.0, JaCarta-2 GOST and InfoCrypt VPN-Key-TLS.

    List of manufacturers and models supported by CryptoPro CSP 5.0

    List of manufacturers and models of media with non-removable keys supported by CryptoPro CSP 5.0
    Company Carrier
    ISBC Esmart Token GOST
    Assets Rutoken 2151
    Rutoken PINPad
    Rutoken EDS
    Rutoken EDS 2.0
    Rutoken EDS 2.0 2100
    Rutoken EDS 2.0 3000
    Rutoken EDS PKI
    Rutoken EDS 2.0 Flash
    Rutoken EDS 2.0 Bluetooth
    Rutoken EDS 2.0 Touch
    Smart card Rutoken 2151
    Smart card Rutoken EDS 2.0 2100
    Aladdin R.D. JaCarta-2 GOST
    Infocrypt InfoCrypt Token++ TLS
    InfoCrypt VPN-Key-TLS

    Classic passive USB tokens and smart cards

    Most users prefer fast, cheap and convenient key storage solutions. As a rule, preference is given to tokens and smart cards without cryptographic coprocessors. As in previous versions of the provider, CryptoPro CSP 5.0 retains support for all compatible media produced by the companies Active, Aladdin R.D., Gemalto/SafeNet, Multisoft, NovaCard, Rosan, Alioth, MorphoKST and SmartPark.

    In addition, of course, methods for storing keys in the Windows registry, on a hard drive, on flash drives on all platforms are still supported.

    List of manufacturers and models supported by CryptoPro CSP 5.0

    List of manufacturers and models of classic passive USB tokens and smart cards supported by CryptoPro CSP 5.0
    Company Carrier
    Alioth SCOne Series (v5/v6)
    Gemalto Optelio Contactless Dxx Rx
    Optelio Dxx FXR3 Java
    Optelio G257
    Optelio MPH150
    ISBC Esmart Token
    Esmart Token GOST
    MorphoKST MorphoKST
    NovaCard Cosmo
    Rosan G&D element V14 / V15
    G&D 3.45 / 4.42 / 4.44 / 4.45 / 4.65 / 4.80
    Kona 2200s / 251 / 151s / 261 / 2320
    Kona2 S2120s/C2304/D1080
    SafeNet eToken Java Pro JC
    eToken 4100
    eToken 5100
    eToken 5110
    eToken 5105
    eToken 5205
    Assets Rutoken 2151
    Rutoken S
    Rutoken KP
    Rutoken Lite
    Rutoken EDS
    Rutoken EDS 2.0
    Rutoken EDS 2.0 3000
    Rutoken EDS Bluetooth
    Rutoken EDS Flash
    Smart card Rutoken 2151
    Smart card Rutoken Lite
    Smart card Rutoken EDS SC
    Smart card Rutoken EDS 2.0
    Aladdin R.D. JaCarta GOST
    JaCarta PKI
    JaCarta PRO
    JaCarta LT
    JaCarta-2 GOST
    Infocrypt InfoCrypt Token++ lite
    Multisoft MS_Key isp.8 Hangar
    MS_Key ESMART use.5
    SmartPark Master's degree
    R301 Foros
    Oscar
    Oscar 2
    Magister's Rutoken

    CryptoPro Tools

    As part of CryptoPro CSP 5.0, a cross-platform (Windows/Linux/macOS) graphical application appeared - “CryptoPro Tools”.

    The main idea is to provide users with the opportunity to conveniently solve common problems. All basic functions are available in a simple interface - at the same time, we have also implemented a mode for advanced users, which opens up additional opportunities.

    Using CryptoPro Tools, the tasks of managing containers, smart cards and crypto provider settings are solved, and we have also added the ability to create and verify a PKCS#7 electronic signature.

    Supported Software

    CryptoPro CSP allows you to quickly and securely use Russian cryptographic algorithms in the following standard applications:

    • office suite Microsoft Office;
    • mail server Microsoft Exchange and client Microsoft Outlook;
    • products Adobe Systems Inc.;
    • browsers Yandex.Browser, Sputnik, Internet Explorer,Edge;
    • application signature generation and verification tool Microsoft Authenticode;
    • web servers Microsoft IIS, nginx, Apache;
    • Remote Desktop Tools Microsoft Remote Desktop Services;
    • Microsoft Active Directory.

    Integration with the CryptoPro platform

    From the very first release, support and compatibility with all our products are provided:

    • CryptoPro CA;
    • CA Services;
    • CryptoPro EDS;
    • CryptoPro IPsec;
    • CryptoPro EFS;
    • CryptoPro.NET;
    • CryptoPro Java CSP.
    • CryptoPro NGate

    Operating systems and hardware platforms

    Traditionally, we work in an unrivaled wide range of systems:

    • Microsoft Windows;
    • Mac OS;
    • Linux;
    • FreeBSD;
    • Solaris;
    • Android;
    • Sailfish OS.

    hardware platforms:

    • Intel/AMD;
    • PowerPC;
    • MIPS (Baikal);
    • VLIW (Elbrus);
    • Sparc.

    and virtual environments:

    • Microsoft Hyper-V
    • VMWare
    • Oracle Virtual Box
    • RHEV.

    Supported by different versions of CryptoPro CSP.

    To use CryptoPro CSP with a workstation and server license.

    Interfaces for embedding

    For integration into applications on all platforms, CryptoPro CSP is available through standard interfaces for cryptographic tools:

    • Microsoft CryptoAPI;
    • PKCS#11;
    • OpenSSL engine;
    • Java CSP (Java Cryptography Architecture)
    • Qt SSL.

    Performance for every taste

    Years of development experience allows us to cover all solutions from miniature ARM boards such as Raspberry PI to multiprocessor servers based on Intel Xeon, AMD EPYC and PowerPC, with excellent performance scaling.

    Regulatory documents

    Complete list of regulatory documents

    • The crypto provider uses algorithms, protocols and parameters defined in the following documents of the Russian standardization system:
    • R 50.1.113–2016 “Information technology. Cryptographic information protection. Cryptographic algorithms accompanying the use of electronic digital signature algorithms and hashing functions" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
    • R 50.1.114–2016 “Information technology. Cryptographic information protection. Elliptic curve parameters for cryptographic algorithms and protocols" (also see RFC 7836 "Guidelines on the Cryptographic Algorithms to Accompany the Usage of Standards GOST R 34.10-2012 and GOST R 34.11-2012")
    • R 50.1.111–2016 “Information technology. Cryptographic information protection. Password protection of key information"
    • R 50.1.115–2016 “Information technology. Cryptographic information protection. "Shared Key Generation Protocol with Password Authentication" (also see RFC 8133 The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol ")
    • Methodological recommendations TC 26 “Cryptographic information protection” “Use of sets of encryption algorithms based on GOST 28147-89 for the transport layer security protocol (TLS)”
    • Methodological recommendations TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11 and GOST R 34.10 algorithms in cryptographic messages in CMS format”
    • Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89, GOST R 34.11-2012 and GOST R 34.10-2012 in the IKE and ISAKMP key exchange protocols”
    • Technical specification TC 26 “Cryptographic information protection” “Use of GOST 28147-89 when encrypting attachments in IPsec ESP protocols”
    • Technical specification TC 26 “Cryptographic information protection” “Use of GOST R 34.10, GOST R 34.11 algorithms in the certificate profile and certificate revocation list (CRL) of the X.509 public key infrastructure”
    • Technical specification TC 26 “Cryptographic information protection” “Extension of PKCS#11 for the use of Russian standards GOST R 34.10-2012 and GOST R 34.11-2012”
    • Generation of electronic signature keys and approval keys
    • Generating and verifying an electronic signature
    • Import of software-generated private ES keys - to enhance their security
    • Updating the installation base of the cryptoprovider "CryptoPro CSP"

    Peculiarities

    The main feature (previously the product was called "CryptoPro eToken CSP") is the use of functional key carrier (FKN) technology.

    Functional key carrier (FKN)- architecture of software and hardware products based on smart cards or USB tokens, implementing a fundamentally new approach to ensuring the secure use of a key on a smart card or USB token.

    Thanks to the presence of a secure communication channel between the token and the crypto provider, part of the cryptographic transformations, including the storage of private keys and digital signature keys in non-removable form, is transferred to a smart card or USB token.

    In addition to hardware generation of keys, their secure storage and generation of digital signatures in the microprocessor of the key carrier, the FKN architecture allows you to effectively resist attacks related to the substitution of a hash value or signature in the communication channel between the software and hardware parts of the CSP.

    In “CryptoPro FKN CSP” version 3.9, the key carrier is a specially developed JaCarta CryptoPro token, presented in the form factors of a smart card and a USB token.

    Included CIPF "CryptoPro FKN CSP" version 3.9 includes a specially developed JaCarta CryptoPro token with the ability to calculate digital signature using the FKN technology of the CRYPTO-PRO company and produced in the form factors of a USB token (in Nano or XL housing) or a smart card.

    JaCarta CryptoPro securely stores and uses private digital keys, performs mutual authentication of the CSP and the token, as well as strict two-factor authentication of the user-token owner.

    Key advantages of JaCarta CryptoPro

    • It is the fastest token among FKN devices (it is almost 3 times faster than existing products working with FKN in the speed of electronic signature generation - based on the Protocol for measuring the performance of FKN devices "CRYPTO-PRO" dated December 8, 2014).
    • The principle applied Secure by design– uses a secure microcontroller, designed to be secure for security purposes, has built-in protection at both the hardware and software levels against cloning, hacking and all other attacks known to date.
    • The generation of ES keys, approval keys, as well as the creation of ES occurs within the JaCarta CryptoPro token.
    • Uses a secure data transmission channel with the CryptoPRO FKN CSP software.

    Compound

    "CryptoPro FKN CSP" version 3.9 consists of two key components.

    1. USB token or JaCarta CryptoPro smart card:

    • is a functional key carrier (FKN), in which Russian cryptography is implemented in hardware;
    • allows you to safely store and use private keys;
    • generates an electronic signature “under the mask” - K(h), which allows you to protect the exchange channel between the token (smart card) and the crypto software provider (CSP);
    • performs mutual authentication of the CSP and the token and strict two-factor authentication of the user - the owner of the token.

    2. Crypto Provider (CSP):

    • is a high-level programming interface (MS CAPI) for external applications and provides them with a set of cryptographic functions;
    • from the signature “under the mask” received from the hardware token (smart card) - K(h), “removes” the mask K(s) and forms a “normal” signature, understandable for external applications

    Architecture of "CryptoPro FKN CSP" version 3.9


    Technical characteristics of the JaCarta CryptoPro token

    Microcontroller Specifications ManufacturerINSIDE Secure
    ModelAT90SC25672RCT
    EEPROM Memoryс72 KB
    Operating system characteristics operating systemAthena Smartcard Solutions OS755
    International certificatesCC EAL4+
    Supported crypto algorithmsGOST R 34.10-2001, GOST 28147-89, GOST R 34.11-94
    Supported Interfaces USBYes
    Contact interface (ISO7816-3)T=1
    Safety Certificates FSB of RussiaCertificate of conformity of the Federal Security Service of Russia No. SF/114-2734
    Certificate of conformity of the Federal Security Service of Russia No. SF/114-2735
    Supported OS Microsoft Windows Server 2003(32/64-bit platforms)
    Microsoft Windows Vista(32/64-bit platforms)
    Microsoft Windows 7(32/64-bit platforms)
    Microsoft Windows Server 2008(32/64-bit platforms)
    Microsoft Windows Server 2008 R2(32/64-bit platforms)
    CentOS 5/6(32/64-bit platforms)
    Linpus Lite 1.3(32/64-bit platforms)
    Mandriva Server 5(32/64-bit platforms)
    Oracle Enterprise Linux 5/6(32/64-bit platforms)
    Open SUSE 12(32/64-bit platforms)
    Red Hat Enterprise Linux 5/6(32/64-bit platforms)
    SUSE Linux Enterprise 11(32/64-bit platforms)
    Ubuntu 8.04/10.04/11.04/11.10/12.04(32/64-bit platforms)
    ALT Linux 5/6(32/64-bit platforms)
    Debian 6(32/64-bit platforms)
    FreeBSD 7/8/9(32/64-bit platforms)
    Execution time of cryptographic operations Importing a key3.2 op/s (USB token), 2.4 op/s (smart card)
    Creating a signature5.8 op/s (USB token), 3.9 op/s (smart card)
    Available Key Media Smart cardJaCarta CryptoPro
    USB tokenJaCarta CryptoPro

    Safety Certificates

    confirming that the cryptographic information protection tool (CIPF) "CryptoPro FKN CSP" Version 3.9 (version 1) complies with the requirements of GOST 28147-89, GOST R 34.11-94, GOST R 34.10-2001, the requirements of the FSB of Russia for encryption (cryptographic) class means KS1, requirements for electronic signature tools, approved by order of the FSB of Russia dated December 27, 2011 No. 796, established for class KS1, and can be used for cryptographic protection (creation and management of key information, encryption of data contained in the RAM area, calculation of the value hash functions for data contained in the RAM area, protection of TLS connections, implementation of electronic signature functions in accordance with Federal Law of April 6, 2011 No. 63-FZ "On Electronic Signature": creation of an electronic signature, verification of an electronic signature, creation of an electronic signature key, creation of a key for verifying an electronic signature) information that does not contain information constituting a state secret.

    confirming that the cryptographic information protection tool (CIPF) "CryptoPro FKN CSP" Version 3.9 (version 2) complies with the requirements of GOST 28147-89, GOST R 34.11-94, GOST R 34.10-2001, the requirements of the FSB of Russia for encryption (cryptographic) class means KS2, requirements for electronic signature tools, approved by order of the FSB of Russia dated December 27, 2011 No. 796, established for the KS2 class, and can be used for cryptographic protection (creation and management of key information, encryption of data contained in the RAM area, calculation of the value hash functions for data contained in the RAM area, protection of TLS connections, implementation of electronic signature functions in accordance with Federal Law of April 6, 2011 No. 63-FZ "On Electronic Signature": creation of an electronic signature, verification of an electronic signature, creation of an electronic signature key, creation of a key for verifying an electronic signature) information that does not contain information constituting a state secret.

    Installation of CryptoProCSP 3.0 +

    eToken "RTE"versions 3.66 / RuToken "rtDrivers" +

    certificates of authorized persons

    Certification Center of Khanty-Mansi Autonomous Okrug-Yugra

    This manual has been tested for Russian-speaking operating system (hereinafter referred to as OS) Windows XP (32-bit). For additional information on installing and configuring CryptoPro CSP products and driver distributions for key media eToken and RuToken, please refer to the corresponding sections of the official websites of the development companies "CRYPTO-PRO", "" and "RUTOKEN".

    Before following the instructions, find out the bitness of your OS (32 or 64-bit), and also pay attention to the following recommendations:

    · Before installing the software, all previously installed versions must be removed. If old versions are not removed, new versions will not be installed. To do this, use the Windows main menu items: "Start" "Settings" "Control Panel" "Add or remove programs";

    · to use “CryptoPro CSP” version 3.0 together with key carriers eToken and RuToken, the corresponding mod, 7 and 8 instructions are required to be installed).

    NOTE!

    Means cryptographic information protection(hereinafter CIPF) “CryptoProCSP» version 3.0 NOT INTENDED to work with the following OS:Windows 98/ M.E., Windows NT4, Windows Vista(64-bit),Windows 7 (64-bit).


    Driver distributioneToken "RTE" version 3.66 DESIGNED for OS: Windows 95 OSR 2.1, Windows 98 and higher, Windows ME, WindowsNT 4.0SP6,Windows 2000SP4 and higher,WindowsXP(32-bit) and higher,Windows Server 2bit) and higher, Windows Vista (32-bit) and higher. Supported media types: eToken R2, eToken Pro 16k, eToken Pro 32k, eToken Pro 32k v4.2 (also with the inscription FSTEC and the coat of arms of the Russian Federation). For all models of USB keys and eToken smart cards, EXCEPT eToken PRO (JAVA) and eToken GT.

    Driver distributionRuToken "rtDrivers" DESIGNED for OS: Windows 7 (32/64-bit), Windows Server 2/64-bit), Windows Vista (32/64-bit) and higher, Windows Server 2/64-bit) and higher, Windows XP (32/64-bit) and higher 64-bit) and higher, Windows 2000 and higher.

    · eToken "RTE" version 3.66 + reader support moduleeToken installed on the OSWindowsXP (32-bit).

    · CIPF "CryptoPro CSP" version 3.0 + drivers forRuToken “rtDrivers” (32-bit) + reader support moduleRuToken (32-bit) installed on the OSWindowsXP (32-bit).

    1. List of required software.. 3

    2. Installation of CIPF “CryptoPro CSP” 3.0. 3

    3. Installing the driver for eToken media. 8

    4. Setting up the eToken reader in the CryptoPro CSP 3.0 CIPF. 11

    5. Setting up the eToken carrier in the CryptoPro CSP 3.0 CIPF. 19

    6. Installing the driver for RuToken media. 27

    7. Installation of the RuToken media support module for CIPF “CryptoPro CSP” 3.0. 29

    8. Setting up the RuToken reader in the CryptoPro CSP 3.0 CIPF. 31

    9. Installation of certificates of authorized persons of the CA.. 38

    10. Installing the certificate from the key media into the “Personal” storage. 42

    1. List of required software

    1) CIPF “CryptoPro CSP” version 3.0 – http://ca. *****/files/csp-sp3-kc1-rus. exe.

    2) Driver distribution for working with eToken key media (blue) – http://ca. *****/files/rte_3.66.zip.

    3) eToken key media support module –

    http://ca. *****/files/reader. zip.

    4) Driver distribution for working with RuToken key media (red) –

    http://ca. *****/files/rtDrivers. exe. zip.

    5) RuToken key media support module –

    http://ca. *****/files/rtSup_CryptoPro. exe. zip.

    6) Certificate of authorized person 1 – http://ca. *****/files/certnew3.p7b.

    Authorized Person Certificate 2 – http://ca. *****/files/certnew4.p7b.

    Authorized Person Certificate 3 – http://ca. *****/files/cacer2.cer.

    Certificates in one archive – http://ca. *****/files/Certs. rar.

    2. Installation of CIPF “CryptoPro CSP” 3.0

    1) Download and run the CIPF distribution file “CryptoPro CSP” version 3.0 – csp - sp 3- kc 1- rus . exe "Next" .

    2) In the window "License Agreement" select item "I accept the terms of the license agreement" and press the button "Next" .

    3) In the window "User Information" fill in the fields "User" , "Organization" , enter "Serial number" (issued on paper – License for “CryptoPro CSP”) and click the button "Next" .


    4) In the window "View installation" select item "Regular" and press the button "Next" .

    5) In the next window, click the button "Install" . The installation process of “CryptoPro CSP” version 3.0 will begin.

    6) Wait for the installation to complete. If the installation is successful, a window will appear with

    inscription " InstallShield Wizard Completed " . Click the button " Ready " .

    Yes " and restart your computer before performing the following steps.

    Installation of CIPF« CryptoPROCSP» version 3.0completed.

    3. Installing the driver for eToken media

    NOTE!

    DISCONNECT key mediaeTokenfromUSB-ports.

    rte_3.66.zip ; open, unpack it and run the distribution file “RTE” version 3.66 – RTE _3.66. msi . After this, the installation wizard will start. In the window that appears, click the button " Next " ("Next") .

    2) In the window " End - User License Agreement " ("License Agreement") select item " I accept the license agreement " ("I accept the terms of the license agreement") and press the button " Next " ("Next") .

    3) In the window that appears, click the button " Next " ("Next") to begin the installation process of the RTE driver version 3.66.

    4) Wait for the installation to complete. If the installation is successful, a window will appear with

    inscription " eToken Run Environment 3.66 has been successfully installed " ("Driver installation program eToken 3.66 completed successfully") . Click the button " Finish " (" Ready ") .

    Installing the driver distribution« RTE» version 3.66for key mediaeToken completed.

    4. Setting up the eToken reader in the CryptoPro CSP 3.0 CIPF

    1) Click "Start" , select item "Control Panel . In the window "Control Panel" find and run the utility "CryptoPro CSP" . In the window that opens "Properties of CryptoPro CSP" select tab "Equipment" and in the field "Readers private keys" click the button "Configure readers" .

    2) A window will appear in which the readers available at the moment will be listed. To add eToken click the button "Add" .

    "Next" .

    4) In the next window, click "Install from disk" .

    "Next" .

    6) In the window that opens "Install from disk"

    · paragraph " CryptoPro Server " (option 1). In this case « CryptoPro CSP 3.0 »

    · paragraph "Specify location" (option 2) you need to choose if there is no or poor connection to the Internet, having first downloaded the utility “Reader support modules for CryptoPro CSP 3.0” from the website of the KhMAO-Yugra Certification Center (hereinafter referred to as CA) - http://ca. *****/files/reader. zip. After which, using the key "Review" reader .

    "Next" . Recommended use option 1 software search.

    Option 1

    Option 2

    « AKS ifdh 0 » and press "Next" .

    "Next" .

    "Ready" .

    « AKS ifdh X » "Available Readers"

    Reader setupeToken in CIPF

    5. Configuring eToken media in CIPF “CryptoPro CSP” 3.0

    1) Click "Start" , select item "Control Panel . In the window "Control Panel" find and run the utility "CryptoPro CSP" . In the window that opens "Properties of CryptoPro CSP" select tab "Equipment" and in the field "Key media" click the button "Tune carriers" .

    2) In the window that appears "Key management carriers" click the button "Add" .

    3) The Key Media Installation Wizard will start. You must continue the wizard by clicking "Next" .

    4) In the next window, click the button "Install from disk" .

    5) The Search and Install Support Library Wizard will start. You must continue the wizard by clicking "Next" .

    6) In the window that opens "Install from disk" you need to select a method to search for the required software:

    · paragraph " CryptoPro Server " (option 1). In this case « CryptoPro CSP 3.0 » will begin downloading the software in real time via an Internet connection.

    · paragraph "Specify location" (option 2) you need to select if there is no or poor connection to the Internet, having first downloaded the utility “Reader support modules for CryptoPro CSP 3.0” from the CA website - http://ca. *****/files/reader. zip. After which, using the key "Review" , indicate the location where the unzipped folder of the downloaded reader support module is located – reader .

    Select the method that suits you and click the button "Next" . Recommended use option 1 software search.

    8) The selected installer will be installed. When installation is complete, you must press "Ready" .

    9) In the window that appears, select the media type in accordance with the model indicated on the casing of the media you have. Click "Next" .

    10) It is necessary to confirm the selection of the key carrier (it is recommended not to change the reader name) by pressing the key "Next" .

    11) In the window "Configuring usage settings eToken" press the key "Next" .

    12) This will complete the Key Media Installation Wizard. Click "Ready" .

    Media setupeToken in CIPF

    "CryptoPro CSP 3.0" is completed.

    6. Installing the driver for RuToken media

    NOTE!

    Before you start installing drivers DISCONNECT key mediaRuTokenfromUSB-ports.

    1) Download the archive with the driver distribution – rtDrivers. exe. zip ; open, unpack it and run the distribution file “rtDrivers. exe. zip" – rtDrivers. x86.v.2.86.00.0460.exe . After this, the installation wizard will start. In the window that appears, click the button "Next" .


    2) In the window "The program is ready to install Rutoken Drivers" click the button "Install"

    3) Wait for the installation to complete. If the installation is successful, a window will appear with

    inscription " Rutoken drivers installed successfully! " . Click the button "Ready" .

    Next."

    2) In the window "The program is ready to install Support Modules Rutoken For CryptoPro CSP " click the button "Install" to begin the installation process.


    3)Wait for the installation to complete. If the installation is successful, a window will appear with

    inscription " Support modules Rutoken For CryptoPro CSP installed successfully! " . Click the button "Ready" .


    Installing the support module distribution« rt4CryptoPro» for key mediaRuToken completed.

    8. Setting up the RuToken reader in the CryptoPro CSP 3.0 CIPF

    1) Click "Start" , select item "Control Panel . In the window "Control Panel" find and run the utility "CryptoPro CSP" . In the window that opens "Properties of CryptoPro CSP" select tab "Equipment" and in the field "Readers private keys" click the button "Configure readers" .

    2) A window will appear in which the readers available at the moment will be listed. To add RuToken click the button "Add" .

    3) The reader installation wizard will start. You must continue the wizard by clicking "Next" .

    4) In the next window, click "Install from disk" .

    5) The Search and Install Support Library Wizard will start. You must continue the wizard by clicking "Next" .

    6) In the window that opens "Install from disk" you need to select an item " CryptoPro Server " . In this case « CryptoPro CSP 3.0 » will begin downloading the software in real time via an Internet connection. Click the button "Next" .

    9) After this, a window will appear showing how to select the appropriate reader. Select reader « Aktiv *****Token 0 » and press "Next" .

    10) It is necessary to confirm the selection of the reader (it is recommended not to change the reader name) by pressing the key "Next" .

    11) You must confirm the completion of the reader installation wizard by pressing "Ready" .

    12) After completing the wizard, the corresponding reader will appear in the list. To add all media to the list of installed readers « Aktiv *****Token X » (where X is the media number) follow steps 1–4, then in the window "Available Readers" select the next media and follow steps 9–11.

    Reader setupRuToken in CIPF “CryptoPro CSP 3.0” has been completed.

    9. Installation of certificates of authorized persons of the CA

    NOTE!

    You must install each downloaded certificate.

    1) Right-click once on the downloaded certificate file and select "Install certificate" .

    2) The certificate is installed using the Certificate Import Wizard. Press the key "Next" .

    3) In the window that appears, select the item "Place all certificates in the following store" , press the key "Review…" .

    4) Select the storage called "Trusted Root Certification Authorities" . Click "OK" .

    5) A window will appear with the selected location for the certificate. Click "Next" .

    6) In the Certificate Import Wizard Complete window, click "Ready" .

    7) In the security warning window that appears, click the button "Yes" .

    8) At the end, the import wizard will notify you that the certificate import was successful. Click " OK " .

    Installation of the authority certificate is complete.

    10. Installing the certificate from the key media into the “Personal” storage.

    1) Connect the key media on which the electronic signature is located.

    2) Click "Start" and select "Control Panel" . Find and run the utility "CryptoPro CSP " . In the window that opens "Properties of CryptoPro CSP" select tab "Service" . Click the button "View certificates in container..." .

    Certificates in a closed container key" . Click the button "Review... " .

    3) In the window that appears, select the desired reader and click " OK " .

    4) A window for entering a pin code for the selected container may appear, into which you must enter the secret password issued on paper along with the key phrase when receiving an electronic signature. After entering the appropriate password, click

    10) Select the storage called "Personal" . Click "OK" .

    11) A window will appear with the selected location for the certificate. Click "Next" .

    12) In the Certificate Import Wizard completion window, click "Ready" .

    13) At the end, the import wizard will notify you that the certificate import was successful. Click " OK " .

    Installing a certificate from electronic media

    in the "Personal" storage is completed.

    Read more: