Cryptopro copy the certificate to another computer. Copying a key container from a rutoken to the registry using cryptopro. Installation via menu install personal certificate
A copy of the EPC will be useful for:
- signature security guarantees
- ease of use
Some certification authorities provide a backup service.
Copying an electronic signature from a secure medium is carried out using the CryptoPRO CSP program.
A copy of the digital signature is made onto a secure medium, such as Rutoken/Etoken. A regular USB flash drive will not work.
Copying from CryptoPro CSP
First of all, download and install the CryptoPRO CSP program from the licensed website. Insert the digital signature media into the computer. Launch the previously installed program. Open the section - Tools → “Copy”.
In the window that appears, select - Review. Select the media you plan to copy → “Ok” → “Next”. In the PIN code entry line, insert the PIN code from your digital signature carrier
Give the new container a name using the Russian layout and spaces. Click → “Done”.
In the line - “Insert a blank key media”, indicate an empty key media. The program will prompt you to set a password. This action is optional. Click → “Ok”. It is worth noting that if you lose your PIN code, you will not be able to use the container. When recording an electronic signature on Rutoken, use the PIN code issued by the certification center.
When the operation is completed, the window will close. A new container will appear on the media, which will be a copy of the digital signature.
If problems arise when creating a duplicate yourself, you can contact our CA. Our managers will be happy to answer your questions. Contact us!
Almost every organization has some kind of electronic key. They are widespread and without them it is almost impossible to conduct any activity. They are needed for signing reporting documents and for many other things. Therefore, those who serve the IT sector in the organization need to know what it is. For example, today we’ll talk about how to copy a certificate from the registry and transfer it to another computer.
How to copy a certificate from the registry to a flash drive
Let's imagine you come to an organization and you need to set up access to a portal for a new employee. You don’t have an electronic key and you don’t know where to get one. In this case, the easiest way is to copy it from the computer on which it is installed. To do this, take a clean flash drive and launch Crypto Pro. Start - All programs - Crypto Pro - Certificates. In general, it is better to store copies of the keys on a separate flash drive in your closet.
In the window that opens, go to the Composition tab and click Copy to file at the bottom.
The certificate export wizard will open on the first tab, click next. You need to specify whether to copy the private key or not. We don’t need it yet, so we’ll leave everything as it is.
Now we mark the required certificate format; in most cases, you need to leave everything here by default.
How to copy a private key from the registry
Some certificates require a private key. It can also be copied from the registry to a flash drive. This can also be done simply by launching Crypto Pro. Go to the service tab and select Copy.
Enter a new name and click Finish.
In the window that opens, select the flash drive.
Often people who use electronic digital signatures for their needs need to copy the CryptoPro certificate to a flash drive. In this lesson we will look at various options for performing this procedure.
By and large, the procedure for copying a certificate to a USB drive can be organized in two groups of ways: using the internal tools of the operating system and using the functions of the CryptoPro CSP program. Next we will look at both options in detail.
Method 1: CryptoPro CSP
First of all, let's look at the copying method using the CryptoPro CSP application itself. All actions will be described using the Windows 7 operating system as an example, but in general the presented algorithm can be used for other operating systems of the Windows family.
The main condition under which it is possible to copy a container with a key is the need for it to be marked as exportable when created on the CryptoPro website. Otherwise, the transfer will not be possible.
- Before you begin, connect the USB flash drive to your computer and go to "Control Panel" systems.
- Open section "System and Security".
- In the specified directory, find the item "CryptoPro CSP" and click on it.
- A small window will open where you need to move to the section "Service".
- Next, click the button "Copy...".
- A window for copying the container will appear, where you need to click on the button "Review…".
- A container selection window will open. Select from the list the name of the one from which you want to copy the certificate to a USB drive, and click "OK".
- The authentication window will then be displayed, where in the field "Enter password" you need to enter a key expression that is used to password the selected container. After filling out the specified field, click "OK".
- After this, you return to the main window for copying the private key container. Please note that in the key container name field the expression will be automatically added to the original name "-Copy". But if you wish, you can change the name to any other, although this is not necessary. Then click the button "Ready".
- Next, a window for selecting a new key media will open. In the list presented, select the drive with the letter that corresponds to the desired flash drive. After that press "OK".
- In the authentication window that appears, you will need to enter the same random password for the container twice. It can either correspond to the key expression of the source code or be completely new. There are no restrictions on this. After entering, click "OK".
- After this, an information window will be displayed with a message that the container with the key was successfully copied to the selected media, that is, in this case, to a flash drive.
Method 2: Windows Tools
You can also transfer the CryptoPro certificate to a flash drive exclusively using the Windows operating system by simply copying it via "Conductor". This method is only suitable when the header.key file contains an open certificate. However, as a rule, its weight is at least 1 KB.
As in the previous method, the descriptions will be given using the example of actions in the Windows 7 operating system, but in general they will be suitable for other operating systems of this line.
At first glance, transferring a CryptoPro certificate to a flash drive using operating system tools is much simpler and more intuitive than actions through CryptoPro CSP. But it should be noted that this method is only suitable when copying an open certificate. Otherwise, you will have to use the program for this purpose.
If the electronic signature was issued to the PC registry, then you can copy it to a medium using the following instructions.
Step 1. Open CryptoPro and go to the “Service” tab, then click on the “Copy” button as shown in the instructions.
Step 2. In the window that appears, click the “Browse” button to select the electronic signature container you need to copy.
Step 3. In the list of existing containers that appears, select the container you need, which you need to copy to the media and click the “OK” button.
Step 4. Confirm the action by clicking the “Next” button in the window that appears
Step 5. In the window that appears, specify the name of the new container that will be created on the media. The name in the field is entered automatically, so you can simply leave it unchanged. Click the "Done" button.
Step 6. A media selection window will appear. Select the desired medium from the list to which you want to copy the electronic signature. In order to understand which media to select from the list, look at the “Inserted media” field: it will either say “Media is missing,” which means you have selected a non-existent media, or the media name will appear similar to the name in the screenshot. Select and click OK.
Step 7. Once you select the media, a window will appear to enter the PIN code for the new electronic signature container. We recommend entering the standard PIN code “12345678”, because... clients often forget or lose their PIN codes, after which the electronic signature has to be reissued. You can set your (different) PIN if you are sure that you will not lose it. After entering the PIN code, click the "OK" button.
Ready. Now the electronic signature container has been copied to the selected medium and you can use it.
If you don’t want to understand these details, we will help. You can even call our engineer to your office.
If a flash drive or floppy disk is used for work, copying can be done using Windows (this method is suitable for versions of CryptoPro CSP no lower than 3.0). The folder with the private key (and the certificate file, if any) must be placed in the root of the flash drive (floppy disk). It is recommended not to change the folder name when copying.
The private key folder should contain 6 files with the extension .key. Below is an example of the contents of such a folder.
Container copying can also be done using the CryptoPro CSP crypto provider. To do this you need to follow these steps:
1. Select Start / Control Panel / CryptoPro CSP.
2. Go to the Tools tab and click on the Copy button. (see Fig. 1).
Rice. 1. “CryptoPro CSP Properties” window
3. In the window Copying a private key container press the button Review(see Fig. 2).
Rice. 2. Copying the private key container
4. Select a container from the list, click on the button OK, then Next.
Rice. 3. Key container name
6. In the “Insert and select media to store the private key container” window, you must select the media on which the new container will be placed (see Figure 4).
Rice. 4. Selecting a blank key media
7. You will be prompted to set a password for the new container. Setting a password is optional; you can leave the field blank and click on the button OK(see Fig. 5).
Rice. 5. Setting a password for the container
If copying to media Rutoken, the message will sound different (see Fig. 6)
Rice. 6. Pin code for container
Please note: if you lose your password/pin code, using the container will become impossible.
8. After copying is completed, the system will return to the tab Service in the window CryptoPro CSP. Copying is complete. If you plan to use a new key container to work in the Kontur-Extern system, you must install a personal certificate (see How to install a personal certificate?).