To copy a key container:
If the required media is not available:
Important! To use the generated key media, reinstall the certificate from the copied container:
- Open the “Start” menu - “Control Panel” - “CryptoPro CSP” - “Tools” - “View certificates in the container”.
- Click "Browse", select the desired container, click "Ok" and "Next".
- Click Install.
- When asked about replacing the certificate, please answer in the affirmative.
- Click "Finish" and "Ok".
The installed certificate is now bound to the container from which it was installed.
Video instructions for creating a copy of a key container.
taxcom.ru
How to copy digital signature to a flash drive
Copying an electronic signature from Rutoken or other media to a USB flash drive may be necessary to ensure the safety of the signature, for ease of use, or to transfer a copy to an authorized person.
Copying digital signatures from protected media is carried out using the CryptoPRO CSP program (current version 3.9).
We will need:
Copying digital signature from Rutoken to a flash drive
1. We insert into the computer at the same time a medium with an electronic signature (Rutoken) and a flash drive.
2. Launch the CryptoPRO CSP program. (all pictures in the instructions are clickable)
3. Open the Service tab
4. Click the Copy button...
5. In the window that opens, click the Browse... button.
6. In the window that opens, click on our certificate (digital signature key)
9. Enter the name of the new copy of the digital signature, for example - myetsp(copy)
10. Click Finish
11. In the window that opens, click on our flash drive
12. Click OK
13. Enter a new password for the copy, for example the same 12345678 in both lines
14. Click OK
After which the window will close, and a folder with a name similar to myetspoc.000 should appear on the flash drive - this is a copy of our digital signature. Now this file can be copied to an unlimited number of media or transmitted, if necessary, by email.
Be careful and attentive, an electronic digital signature is an analogue of your handwritten signature and seal!
You can set up a workplace for working with digital signatures on trading platforms for free in automatic mode. More details at the link: automatic digital signature setup
good-tender.ru
How to copy certificates in the CryptoPro program
My new post will be devoted to the Crypto Pro program, it seems to be nothing complicated, but all the time I have problems with this software, either because I have to deal with it once or twice a year or because the software is like that, but in general I decided to make a reminder for myself and for you.
Task: Provide access to the Kontur Extern program on two machines, OK, let's get started.
What we have: One already working key on the SD card.
What you need: We need any SD card, a USB flash drive can also be uploaded to the registry, or you can use the so-called RUtoken. I will install on RUtoken, and you can use any of the options.
Yes, just a small note, if you have a domain computer, it is better to do all this under the administrator account.
And so let's get started
Find the program in the start menu or control panel,
Let's launch the program.
Go to the Tools tab and click on the Copy button.
Next, click the Browse button and select the key we need to copy; I have it in the Description format. Select it and click Next.
You will be required to enter a password of any 8 characters. Enter the password and click Next.
In the next window, we need to set the name of the container (I always use the one that is convenient for me; we have 2 organizations and I use the name-01 and 02 markings; you can also use the organization’s TIN for separation.) and then click the Finish button.
Here you will once again need to enter the password for the new container, make the same one and click OK.
In the next dialog box, you need to select the media where to copy our container, I select RUtoken and you need to select the media where you are going to install the container.
That's basically it, the key has been copied. All that remains is to install it for a specific user.
There are two options here:
Option 1.
Go to CryptoPro again, open the service tab and click on the View certificates in the container button.
In the dialog box that opens, open the container we need and click OK. then click the Next button.
In the next window, click the Install button; if it is not there, click the Properties button.
In the window that opens, click the Install certificate button. The Certificate Import Wizard will open where you need to click Next.
In the window that opens, you need to leave everything as is and click Next.
If the certificate is installed successfully you should see the following dialog box.
Option 2.
Installation via the menu install a personal certificate.
To install the certificate, we need the certificate file itself (a file with the extension .cer) it is located on the media where we copied it, in my case it is rutokin.
And so, open CryptoPro again, go to the Service tab and click the Install personal certificate button.
In the window that opens, find this certificate by clicking on the Browse button.
In the next dialog box, check the box next to Find container automatically, after which the program will automatically find the container you need. Then click Next.
Then a window may appear asking you to select the storage location for the certificate; you need to select Personal and click OK.
Then a dialog box may appear where you need to click Yes.
Then wait for a message about successful installation.
Then you need to remove your device to which the container with keys refers and insert it back, after the device is found you can try.
If you have any questions because there may be various changes in different versions of CryptoPro, please leave your comments, I will always be happy to help you.
nn-lab.ru
How to copy a certificate to CryptoPro CSP - Programs and Applications
Programs and applicationsSometimes situations arise when you need to install a certificate with a key on another computer or make a backup copy of it. When working with USB flash drives, you can make a working copy of the private key using available Windows tools, the main condition is that you have CryptoPro CSP 3.0 installed.
Next, you need to follow the proposed instructions step by step, but it is worth remembering that a copy can only be made through a cryptographic information protection tool (cryptographic information protection tool), otherwise, for example, if you copy through Explorer, you will not be able to run the key on another computer.
Instructions for copying a certificate via CryptoPro CSP
1. Click on the CryptoPro CSP 3.0 shortcut or open it through Start – Control Panel.
2. In the system window, go to the “Equipment” tab and configure readers by selecting from the list of installed readers, then “Add”. Use “All removable drives” and “Registry” if they were not in the list.
4. In the next window that opens, run the “Browse” command in order to enter a name in the empty field. When choosing a name, first confirm the operation, and then click on the “Next” button. In some cases, when working with a root token, you may need to enter a password (PIN code) - enter the sequence 12345678.
5. Create a name for the container where the data is copied. The keyboard layout can be either Russian or Latin. Spaces are also allowed in the name. After defining the name, click "Done".
6. The system will then ask you to insert a blank key media onto which the container will be copied. Do this and click “OK”.
7. You can set a password for the created copy - this is an optional step, so you can simply click “OK” and leave the field empty. If the copy is made to a root token, then again you need to enter the standard security combination - 12345678.
The copying process will be completed when the system returns to the “Service” tab on the screen.
tdblog.ru
How to copy a private key container in CryptoPro?
Copying the private key container is a mandatory action when reinstalling the SBS on another computer. You can also copy the certificate if you want to create a spare digital signature key.
Copying a private key container to a flash drive, floppy disk or token is a rather complex process; in order to avoid errors, it is important to strictly follow our instructions.
CryptoPro: certificate copying
Step 1. Opening the CryptoPro program
To open the program follow this path:
Click the Start menu, then go to Programs ⇒ CryptoPro ⇒ CryptoPro CSP and turn on the Tools tab.
In the open Tools window, click the Copy container button.
Step 2: Copy the private key container
After clicking the Copy Container button, the system will display the Copy Private Key Container window.
In the open window, you must fill in the Key container name field.
Step 3. Entering the key container
There are 3 ways to fill in the Key Container Name field:
Manual input
Select from the list by clicking the Browse button
Search by digital signature certificate
In addition to filling out the Key Container Name field, you must fill in the remaining search options:
- The entered name specifies the key container - the switch is set to User or Computer, depending on which storage the container is located in;
- Select CSP to search for key containers - the required crypto provider (CSP) is selected from the list provided.
Once all fields are completed, click Next.
If a password is set for access to the private key, the system will ask you to enter it. Enter your password and click OK.
Step 4. Entering a new key container
The system will again display the Copy Private Key Container window, in which you must enter the name of the new key container and select the Entered name radio button sets the key container to the User or Computer position, depending on the storage in which you want to place the copied container.
Click on image to enlarge
After entering, click Finish.
Step 5: Select media for the copied container
A window will appear on your screen in which you need to select the media for the copied container.
Nowadays, in almost every organization, an accountant’s computer has CIPF– cryptographic information protection system. We use it as such. In our case, CryptoPro is necessary for the operation of the Client Bank and the VLSI++ program (through this program, the accounting department prepares and submits reports to the tax office, pension fund, and Rosstat).
The main functions of CryptoPro CIPF are:
— checking the payer’s secret keys when sending electronic documents via communication channels;
— encryption of payer documents when sending reports;
— deciphering the responses received from inspections.
When working with both Client-Bank and VLSI++, key media are used on which secret keys and certificates are stored. Such media can be a floppy disk, a flash drive, a secure flash drive (Rutoken, eToken), as well as a registry.
So, one day our accountant got tired of inserting a floppy disk into the computer every time he sent reports. In addition, this media is quite unreliable and has failed a couple of times (it happened). Therefore it was decided copy the keys from the floppy disk to the registry.
Storing keys in the registry is of course convenient. But keep this point in mind: when you reinstall the operating system on your computer, information about your keys will be irretrievably lost. So after you copy the keys to the registry, be sure to save the media with the original of these keys.
So, how can you copy keys from a floppy disk to the registry in CryptoPro CSP 3.6?
1. Go to “Start” – “Control Panel” – “CryptoPro CSP”.
2. In the window that opens, go to the “Service” tab.
3. Insert the key floppy disk into the floppy drive of the computer and click the “Copy container” button. 
4. Next, click “Browse” and in the window that appears, select the container that you want to copy (click on it once with the mouse and click “OK”). 
The name of the selected container will appear in the “Key container name” field. Click “Next”. 
5. In the next window, write any name - this will be the name of the copy. Click “Done”. 
6. Next, select the “Registry” media and click “OK”. 
A window will appear asking you to set a password. If you don’t need this, don’t enter anything, just click “OK” here. 
That's all - we copied the key to the registry. To check this, in the same place in the “Service” tab, click the “View certificates in the container” - “Browse” button - here in the list of key containers the registry and the container name that you specified will be displayed. 
Copying using Windows
If you use a floppy disk or flash drive for work, you can copy the container with the certificate using Windows (this method is suitable for versions of CryptoPro CSP no lower than 3.0). Place the folder with the private key (and, if there is one, the certificate file - the public key) in the root of the floppy disk / flash drive (if you do not place it in the root, then working with the certificate will be impossible). It is recommended not to change the folder name when copying.
The folder with the private key should contain 6 files with the extension .key. As a rule, the private key contains a public key (the header.key file in this case will weigh more than 1 KB). In this case, it is not necessary to copy the public key. An example of a private key is a folder with six files and a public key is a file with the .cer extension.
Private key Public key
Copy to Diagnostics profile
1. Go to the “Copying” Diagnostics profile using the link.
2. Insert the media to which you want to copy the certificate.
3. On the desired certificate, click on the “Copy” button.
If a password has been set for the container, the message “Enter the password for the device from which the certificate will be copied” will appear.
4. Select the media where you want to copy the certificate and click “Next”.
5. Give the new container a name and click on the “Next” button.
6. A message indicating that the certificate was successfully copied should appear.
Bulk copy
- Download and run the utility. Wait for the entire list of containers/certificates to load and select the required checkboxes.
- Select the Bulk Actions menu and click on the Copy Containers button.
3. Select the storage media for the container copy and click OK. When copying to the registry, you can check the box “Copy to the key container of the computer”, then after copying the container will be available to all users of this computer.
4. After copying, click the “Update” button at the bottom left.
If you want to work with copied containers, you need .
Copying using CryptoPro CSP
Select “Start” > “Control Panel” > “CryptoPro CSP”. Go to the “Service” tab and click on the “Copy” button.
In the Copy Private Key Container window, click on the Browse button .
Select the container you want to copy and click on the “Ok” button, then “Next”. If you copy from a root token, an input window will appear in which you should enter a pin code. If you have not changed the pin code on the media, the standard pin code is 12345678.
Create and manually specify a name for the new container. Russian layout and spaces are allowed in the container name. Then click "Done".
In the Insert Blank Key Media window, select the media on which the new container will be placed.
You will be prompted to set a password for the new container. We recommend that you set a password that is easy for you to remember, but that others cannot guess or guess. If you do not want to set a password, you can leave the field blank and click OK.
Do not store your password/pin code in places where others have access. If you lose your password/pin code, using the container will become impossible.
If you copy the container to a ruToken smart card, the message will sound different. In the input window, enter your pin code. If you have not changed the pin code on the media, the standard pin code is 12345678.
After copying, the system will return to the “Service” tab of CryptoPro CSP. Copying is complete. If you plan to use a new key container to work in Externa, .
Initially, an electronic signature (ES) is issued on a physical medium called RuToken or EToken. It stores a certificate (aka public key, as I understand it) and a secret (aka private) key. This key pair is combined by a key container. There can be several key containers on one physical medium. After the certificate expires, it is reissued along with the private key, that is, a pair of keys is created anew: private and public.So, what I’m talking about, the office has a Rutoken with an electronic signature, several employees may need it at the same time to sign documents, and this is where conflicts begin. But in fact, not everything is so sad, if the key container allows itself to be exported, then it can be placed from Rutoken to the Registry! By placing the container in the registry and indicating to the certificate that the private key is stored in the registry at such and such an address, the presence of Rutoken in the USB port disappears.
How it's done
Naturally, the first thing we do is insert Rutoken into the USB port. Launch CryptoPro CSP as ADMINISTRATOR and check which media are available:If a reader is available in the list Registry, then everything is fine, otherwise press the button Add and using the reader installation wizard we add Registry.
Next you should test the key container:
If key export is allowed, then let's start copying the key! Go to the key copy interface Tools -> Copy, select the name of the key container that is stored on Rutoken. Please note the setting if installed User, then the browser will display key containers from the registry that were previously exported for the current OS user, if you install Computer, then the containers previously exported for the computer will be displayed. Let's copy it for the user:
 |
| Selecting a container to copy |
After selecting the reader, set a new password for the new copied key container, and the export is complete. To make the certificate refer to the private key stored in the registry, simply reinstall the certificate.
If a flash drive or floppy disk is used for work, copying can be done using Windows (this method is suitable for versions of CryptoPro CSP no lower than 3.0). The folder with the private key (and the certificate file, if any) must be placed in the root of the flash drive (floppy disk). It is recommended not to change the folder name when copying.
The private key folder should contain 6 files with the extension .key. Below is an example of the contents of such a folder.
Container copying can also be done using the CryptoPro CSP crypto provider. To do this you need to follow these steps:
1. Select Start / Control Panel / CryptoPro CSP.
2. Go to the Tools tab and click on the Copy button. (see Fig. 1).
Rice. 1. “CryptoPro CSP Properties” window
3. In the window Copying a private key container press the button Review(see Fig. 2).
Rice. 2. Copying the private key container
4. Select a container from the list, click on the button OK, then Further.
Rice. 3. Key container name
6. In the “Insert and select media to store the private key container” window, you must select the media on which the new container will be placed (see Figure 4).
Rice. 4. Selecting a blank key media
7. You will be prompted to set a password for the new container. Setting a password is optional, you can leave the field blank and click on the button OK(see Fig. 5).
Rice. 5. Setting a password for the container
If copying to media Rutoken, the message will sound different (see Fig. 6)
Rice. 6. Pin code for container
Please note: if you lose your password/pin code, using the container will become impossible.
8. After copying is completed, the system will return to the tab Service in the window CryptoPro CSP. Copying is complete. If you plan to use a new key container to work in the Kontur-Extern system, you must install a personal certificate (see How to install a personal certificate?).
For bulk copying, download and run the Certfix utility.
