Driver for smart card rutoken. Setting up a rutoken ecp to work with egais
Using Rutoken allows users CryptoPro CSP protect key information from unauthorized access. Keys and certificates will be stored in a secure file system Rutoken. But before moving on to configuring the rutoken, it is very important to understand the digital signature.
About electronic digital signature
An electronic digital signature is special information that is added to an electronic document and makes it possible to verify whether changes were made to the electronic document after it was signed, as well as to identify the person who signed this document. It is possible to add an electronic digital signature to an electronic document using a private key and a special software.
What is a private key? The private key is a set of characters in the form of a computer file. In this case, the private key plays the role of a ballpoint pen when signing a document on paper.
To verify the digital signature on an electronic document, a different set of characters is used - the public key. After the certificate is generated, the public key becomes part of it and is not used separately.
Enhanced Certificate public key(hereinafter referred to as the certificate) is a document that certifies the authenticity and ownership of the public key by the subscriber. Such a document is issued by an accredited key certification authority and exists in in electronic format. To check the EDS on a document, you must have a signer's certificate and special software.
The certificate serves to verify the EDS on the document, is not secret and can be freely distributed via the Internet and other open communication channels. Imposing an EDS on an electronic document using a certificate or obtaining your private key from it is impossible.
As a result, we get the following. One entity signs the document using the private key and special software, while the other verifies the signature on the document using the signer's certificate and special software. At the same time, the person who verifies the signature does not need to have his own private key and certificate.
Instruction. Rootken setup. How to install an EDS certificate
Rutoken is a small USB-block designed for the safe storage of electronic information, as well as the storage of EDS. In order to properly configure Rutoken, you need to download the necessary drivers. You can download them from the official website www.rutoken.ru. After running the file downloaded from the site, follow the steps in the installation wizard by clicking "Next". After the installation steps are completed, the "Close" button configures Rutoken by performing a series of operations.
Setting up Rutoken
Step 1
Insert the USB block into the computer
Step 2
Activate the control panel
Step 3
through the tab "Administration" we find the button "Information"
Step 4
in the window that opens, you can see the status of Microsoft Base Smart Card Crypto Provider
If opposite is "Supported", then just continue the steps - "OK". In the case when the status is "Activate", activate the media. "Not supported" means that the media does not support work with EGAIS (Unified State Automated Information System).
Step 5
Select "Settings" in the tab with the same name.
Step 6
For "Rutoken EDS Smart Card" and "Rutoken EDS (2.0)" you need to select the same value - "Microsoft Base Smart Card Crypto Provider".
Step 7
Rutoken setup completed
Another important point required during the settings is the Rutoken PIN code. By default, the PIN code 12345678 is generated, which must be entered. This makes it possible not to get confused in PIN codes and passwords, since it must be entered at each installation.
Before you learn how to install an EDS certificate on a computer, you will need to download and install special program. It is called Crypto Pro CSP and should only be downloaded from the official website. The program has paid content, but the possibility of free free use for 3 months is provided. Next, you can proceed to install the EDS certificate itself.
EDS is installed in two ways:
through the subsection "View certificates in the container"
through the subsection "Install personal certificate»
First, find the previously downloaded Crypto Pro. Having opened it, you will see a window with sections: "Algorithms", "Security", Winlogon, "General", "Hardware", "Service". You need a "Service" tab.
We find further “Install a personal certificate”, and the certificate installation wizard will open in front of you. When setting up, almost everywhere click "Next". It is possible to select a certificate through the "Browse" button and pave the way to it. Also to the place of storage.
The second option is sequential actions through "view certificates in the container". Through the "Browse" select the certificate, click "Next", "Properties", "Install Certificate", "Next", "Finish". Installation completed successfully.
How to copy an EDS from Rutoken to a USB flash drive
Writing an EDS to a USB flash drive is sometimes required to ensure security electronic signature or for transfer to another person. You can also do this with:
the holder of the EDS -
Rutoken
We open Crypto Pro, while both the USB flash drive and Rutoken should already be inserted in the computer in advance. In the "Service" tab, click "Copy" and in the window that opens, through the "Browse" select the certificate you need to copy, confirming the action with the "OK" button. You may need to enter the password and the name of the EDS key copy by clicking "Next" until the "Finish" button appears. A window will open in front of you in which you need to select a flash drive, generate a new password and type it in, copying is completed. Make sure that a folder with a copy of your certificate appears on the flash drive. In order to copy the EDS from rutoken to rutoken, similar actions are carried out. Only after the "Finish" button, select not a USB flash drive, but the second Rutoken carrier. At the end, also check if the copy folder has appeared.
To obtain an electronic signature, please contact our phone managers or use the feedback form.
1. The LED (bulb) may have burned out on the token. To check you should:
- Open "Start" > "Control Panel" > "Rutoken Control Panel" (if this item is missing, then you should update the Rutoken driver).
- In the “Rutoken Control Panel” window that opens, check whether the token is displayed in the “Readers” item, and whether the “Enter PIN-code” (or “Login”) and “Information” buttons are active. If the buttons are active, then the bulb simply burned out (this will not affect the operation of Rutoken). If the buttons are inactive, then go to step 2.
2. Connect Rutoken to another USB port.
3. Start / restart the "Smart Card" service. For this:
- Select Start Menu > Control Panel > Administrative Tools > Services. Find the "Smart Card" service in the list and check the value in the "Status" column.
- If the service is running, then restart it. You need to right-click on the line with the name of the service and select "Restart".
- If the service is stopped, you must start it. To do this, right-click on the line with the name of the service and select "Start".
4. Reinstall the Rutoken driver, having previously disconnected the media from the computer.
To do this, open the Start menu > Control Panel > Add or Remove Programs (for Windows Vista \ Windows Seven, the Start menu > Control Panel > Programs and Features). In the list, find the item "Rutoken Drivers" and select "Delete". After uninstalling, you must restart your computer and install the Rutoken driver again.
5. If reinstalling the driver did not solve the error, you need to install the driver using the "Device Manager" menu. The installation procedure depends on the operating system. Below are the settings for:
Driver installation for Windows Vista \ Windows Seven
2. In the menu that opens, select "Device Manager".
3. In the window that opens, check if the list contains the "Other devices" item marked with a yellow icon.
4. It is necessary to select the line "ruToken" and select "Update drivers".
6. Click on the "Browse" button, specify the directory C:\Windows\System32\Aktiv Co and click on the "Next" button. The specified directory may be hidden. In this case, you must select the menu "Tools"\u003e "Folder Options"\u003e "View", set the radio button "Show hidden files, folders and drives" and repeat the selection of the directory.
7. Wait for the installation to finish and click on the "Close" button.
8. After installing the driver, the device will be displayed in the "USB Controllers" section. The diode on the token should also light up.
Driver installation for Windows XP
1. Right-click on the "My Computer" icon and select the "Properties" item.
2. In the "System Properties" window, go to the "Hardware" tab and click on the "Device Manager" button.
3. In the window that opens, check if the list contains the element "ruToken" (or "Unknown device"), marked with a yellow icon. You need to right-click on it and select "Update driver".
4. In the "Hardware Update Wizard" window, select the "Install from a list or specific location" radio button.
5. In the window that opens, click the "Browse" button, specify the path to the C:\Windows\system32\Aktiv Co\rt USB directory and click the "Next" button. The specified directory may be hidden. In this case, you must select the menu "Tools" > "Folder Options" > "View", set the switch "Show hidden files, folders and drives" and repeat the selection of the directory
6. Wait for the installation to finish and click on the "Finish" button.
7. When the driver installation is complete, the device will be listed under Universal Serial Bus Controllers. The diode on the token should also light up.
6. If following the instructions did not help fix the error, the token is most likely faulty. To verify this, you should connect Rutoken to a computer on which the driver has never been installed. If the media is working correctly, the Found New Hardware Wizard should start. If nothing happens when you attach the rutoken, then the media is most likely defective and needs to be replaced.
If a copy of the certificate has been saved, you should use it to work in the Kontur.Extern system, having previously installed the certificate. If copies are not saved, you must contact the service center for an unscheduled replacement of the key.
In order to check the readiness of the Rutoken key identifier to be configured to work with EGAIS, open the "Rutoken Control Panel" - the "Administration" tab - the "Information" button - and check the status opposite the "Microsoft Base Smart Card Crypto Provider" field:
Supported
This status means that Rutoken's electronic identifier is already ready to configure the default crypto provider. Go to the second paragraph of this instruction - "Change the default crypto provider"
If the status is Supported, go to
If the field "Microsoft Base Smart Card Crypto Provider" has the status Activate or Not supported, go to step 2.
2. Enabling crypto provider support for Rutoken EDS
To check the readiness of the Rutoken key identifier for setting up for working with EGAIS, open the "Rutoken Control Panel" - the "Administration" tab - the "Information" button - and check the status opposite the "Microsoft Base Smart Card Crypto Provider" field:
Activate
If a User or Administrator has a non-default PIN set, it will need to be entered during activation.
Please note that if both PIN codes do not correspond to the default values, for activation it will be necessary to enter the PIN code of the Administrator, then the User in sequence.
If one or both PINs are unknown, you must contact the company that provided you with the Key Identifier to obtain the PINs.
If it is not possible to find out the current PIN code values, the only option left is to format the Rutoken identifier to set new PIN code values. Please note that during the formatting of the key identifier, all content is permanently deleted.
After the activation procedure, the status in the "Microsoft Base Smart Card Crypto Provider" field should change to "Supported"
to continue setting up the Rutoken key identifier, go to Point 2.
Not supported
The "Not supported" status is displayed if an attempt is made to configure a Rutoken model that is not designed to work with EGAIS, for example, or. Only the model is suitable for working with EGAIS
3. Changing the default crypto provider
Open "Start" - ("Settings") - "Control Panel" - "Rutoken Control Panel" - "Settings" tab - in the "Crypt provider settings" item, click the "Settings ..." button
In the "Crypto provider settings" window, for the Rutoken EDS 2.0 electronic identifier, select "Microsoft Base Smart Card Provider".
If the computer will generate an RSA key pair, set the lower field to Microsoft Enhanced RSA and AES Cryptographic Provider
To save the changes, click the "OK" button.
4. Setting up a workplace to work with the EGAIS portal.
detailed instructions for generating a transport key in personal account EGAIS and the installation of a universal transport module can be viewed.Website
Sergey, you need to check Rutoken. If the status “Not supported” is displayed during setup in the media information window, this means that Rutoken is not designed to work with EGAIS. Most likely, you have Rutoken Lite or Rutoken S. Only Rutoken EDS 2.0 (GOST R 34.10-2012 standard) is suitable for working with EGAIS.
Arthur L
Sergey, if it says “not supported” for you, then you are either downloading from the wrong site and you got a singed version, or you have programs without EGAIS support. Better really pay extra and install the extended version along with the master, it costs a penny, at least look at the future how to do it. This is a matter of your own safety, you then sign the documents.
Anna V.
Dmitry, I didn’t try to set anything up myself initially. I know that it's a disastrous business, not everything is as simple as they say in the instructions. Our specialist spent about three hours, I can imagine how I would suffer. I didn’t set up the cash register myself, although it’s much easier there.
Sergey Gress
I downloaded Rutoken, decided not to spend extra money on drivers and fix everything on my own. The driver itself downloaded, the icon appeared on the desktop, well, as it usually happens during a jump. Now we need to configure the program for the correct transmission of reports to the Unified State Automated Information System, and this is where the burden begins. I don’t understand at all, I go into the rutoken in the administration section, click on the information, they give out ACTIVATE. I click on activation, and in response it gives NOT SUPPORTED. What are my next steps, what to do, why the status NOT SUPPORTED has surfaced and how to get rid of it?
Dmitriy
I set up Rutokol in EGAIS, until a certain point everything went smoothly. But starting with the generation of the key, I realized that the matter is complicated. I was tormented with this key all day, I could not do anything. According to the schemes, everything is so simple, everyone can do it right. In fact, it's just a nightmare. As a result, he called specialists, did everything without problems, without any schemes and algorithms.
Vladimir
Alena, there are differences. JaCarta and eToken USB tokens perform similar functions, but the main difference between them is that the software components for Rutoken EDS 2.0 will have to be downloaded and installed separately. While its analogues have the software necessary for operation already included in a single software module PKI client. Another difference is the price. Rutoken has an average of 300-500 rubles. below. Otherwise, the difference is insignificant. All media have two-factor authentication to protect access to account. They support encryption using hardware cryptography - during use, the key does not leave the media, so the data is not available to unauthorized persons. Suitable for Windows, Mac, Linux.
Alyona
Why is Rutoken better than other drivers? I used to have JaCarta, it seems to be normal too. Now everyone is running to this rutoken, I don’t understand what’s so special about it. What are the features of this driver? Is it the same price as others or is it more expensive? How is it different from my old JaCarta? Maybe someone who already uses, tell me. I don't want to throw money down the drain, so that in fact nothing new can be obtained.
