Installation Reinstalling the plug-in to work with EP. Instructions for setting up a plug-in and browser to work with an electronic signature on the Public Services portal. How to set the supplement cryptopro
One of the possible errors when working with the Public Services portal is the side of the user, namely, in its browser, the program with which you browse web pages. Obvious to know whether the error in your software is difficult - so you should simply try this method.
What are the errors?
- The browser uses old files. When you first appeal to the web page, the browser remembers (caches) some files so as not to spend resources on their new download. These files may be responsible for the performance of a functional. An error occurs when the visitor browser uses previously saved files, while on the portal itself executable files changed: the developers made a new functionality or finalized old. Accordingly, an error may occur with the "old" files when interacting with the portal.
- The browser does not support the necessary functions. The browser is, in fact, a set of rules that tells him how to handle this or that code. That is, the same document can work in different ways in different browsers. Such differences are laid by the developers at the program development phase and you cannot affect them. This suggests that in one browser, the State Service portal can work correctly, and in the other there is no.
- Problems with plugin for working with public services (relevant only for legal entities). For the work of a legal entity with the Public Services portal, it is necessary to establish a special plugin (read more about the installation and possible problems on the link https://www.gosuslugi.ru/help/faq/yuridicheskim_licam/2744).
How to solve a break with a browser?
Option 1. Clear Cache and Cookie
When contacting the technical support of the State Service portal, you can often hear the advice to clear the cache and the cookie of the browser used. Here you have two options: "Clean" the browser that you use as the main one or use another (non-repaid) browser.
The first option is good in that you do not need to change the usual program. But then there is a significant drawback - all sites where the entrance is needed (social networks, email and other) will be divorced. If you do not remember the passwords to these accounts, you can easily lose access to them. Plus to everything, the whole story of previously visited sites will be lost for you. If you have recorded the necessary data from the accounts you need and you do not need the history of visits to sites, you can "clean" your main browser.
The second option implies that you are using any other browser you do not use or a freshly signed program. In any case, make sure that the story and cookie of this browser is cleaned, and better spend the cleaning procedure again.
In order to clean the story and cookie, use a key combination Ctrl + Shift + Del (simultaneous pressing) for the Windows and Shift + ⌘ + Backspace operating system for Mac OS. Be sure to check the items to delete the history of views and cookies (see examples below).
Clearing Google Chrome browser
Internet Explorer 11 browser cleaning
Cleaning the Opera browser
Mozilla Firefox browser cleaning
Option 2. Use another browser
Even if you have decided to simply clean the cache and cookie with your main browser, and your problem has not decided, it makes sense to use another browser. Perhaps in your online browser there were updates, which now do not allow to work correctly with the Gos services portal. In this case, simple cleaning of history will not help you. But the use of another browser will increase the likelihood of solving the problem.
Option 3. Set up the current browser (for JUR. Persons)
Installing a plug-in for legal entities is a mandatory configuration of the browser to work correctly with public services and an electronic signature. The problem may be in an unidentified plugin, an incorrectly working plugin, an anti-virus computer system, etc. For more information about problems and solutions, you can view in the help section https://www.gosuslugi.ru/help/faq/yuroidicheskim_licam/2744 or Contact.
Which browser is better to use to work with state services?
The portal is designed to work correctly in all the latest version of the most common browsers:
- Google Chrome, Chrome Mobile;
- Yandex Browser;
- Mozilla Firefox;
- Opera;
- Apple Safari;
- Mobile Safari;
- Internet Explorer;
- Android Browser;
- "Satellite".
Therefore, the principal difference, in which browser work, no. The only thing, try not to use old versions, since the risk of error in such browsers increases and you will not work normally in.
In recent years, most of the workflow has moved to the area of \u200b\u200bremote service via the Internet, while paper media is gradually osculated by electronic virtual counterparts. The software product "Crypto Pro" was the greatest popularity, with which the electronic digital signature is confirmed. But for reliability and accuracy, it is necessary to check the "Cryptopro EDS Browser Plug-in" plugin and make sure that it is installed on the computer or other electronic device.
Nuances of the plugin and system requirements
For the normal functioning of all divisions, the question arises to ensure the necessary level of data protection when signing the documentation, the safety of secrecy and commercial secrecy. The solution of tasks is achieved by the development of special software products and algorithms that encrypt and decrypt information included in the document simultaneously confirm its authenticity. These programs are a certified product and cover certain areas of the information field.
The essence of their work is to process documents online using special extensions for all browsers with support for JavaScript. It freely operates in all major operating systems except Android. The plugin allows you to sight the following types of documents:
- in electronic format;
- files that are downloaded from a computer computer;
- text messages and other types of documentation.
For example, when transferring funds in Internet banking by checking the "Cryptopro EDS Browser Plug-in", you can confirm that the operation comes from the account owner with an active key certificate valid for a specific point. This software is checked with an improved and usual electronic CPU. At the same time, it disappears when checking in the Internet connection, the archive storage of documentation is provided. Electronic signature can be:
- attached, i.e. added to the visible documents;
- discarded EP, that is, created separately.
The program product "Cryptopro EDS Browser Plug-in" is distributed free of charge and downloaded from the official site. Checking the work of the plug-in occurs on the user's computer.
Installing software
The installation process is simple. It is necessary to go to the official portal Cryptopro.ru/products/cades/plugin/Get_2_0. Download by specifying where the CADESPLUGIN.EXE boot file will be saved. Run the program.
Important! The launch of the plug-in is not available for ordinary users. You need to have administrator rights.
Upon successful completion on the monitor screen, there will be a corresponding notification.
But this message is not a guarantee of correctness. It will be necessary to carry out additional configuration and verification of the Browser Plug-in EDS depending on the type of browser used. To correctly, the installed program should be started again, in some cases with a full reboot of the computer.
Tip! In some browser, the program was not used, it should always be restarted after installation.
Features of the installation process
Considering that each browser is somewhat different at work, the plugin is adapted for each environment.
Attention! If errors and the program does not create objects before starting work, it is necessary to allow launches independently for specific sites or pages that the user often visits.
In cases where the plugin is used on specific pages, the corresponding icon is necessary, which will indicate the ability to use this extension.
To do this, find Cryptopro Cades NPAPI Drowser Plug-in and allow it to be used in automatic mode. This is true for Mozilla Firefox. For opera and Yandex, the procedure for using expansion is identical.
Find in the "Extensions" item in the menu, and load the plugin through it. You can also copy the extension name and paste into the appropriate query string. The system itself will execute everything. For the Google Chrome browser, the extension itself will be available, and the user will continue to confirm the installation.
After performing all operations and installations, you must close all windows and tabs, restart the re-browser.
What if the system "does not detect" the program?
It often happens that when installing a plugin and then an attempt to work with EDS problems appear. Pops up the window offering to install the program. In this case, it is recommended to contact the Developer's website to the "Contacts" section set out the essence of the problem and obtain the relevant recommendations. It is recommended to provide screenshots of all actions. In this case, it will be much easier to identify the problem. If the check has passed successfully, the corresponding notification appears that the plugin is loaded.
Recommendations for the use of software
If you have to reinstall an existing plugin, but not working, then you first need:
- delete it and all unnecessary programs through the "Control Panel";
- deductible cache;
- re-download the plugin and run it with the administrator rights;
- be sure to add all the Personal Accounts Pages to Trusted Nodes.
In the three necessary steps to work with the EDS in the UEC on the website of the State Service (Gosuslugi.ru)
3. Working with the public service - "Installing a plug-in for working with the portal of public services" (to install the Rostelecom plugin should be without launched browsers). According to the instructions, add the address https://esia.gosuslugi.ru in the "List of reliable nodes for Internet Explorer" (How?).
When registering on the portal of the State Service using the EDS, select the "Confirm Personality using an electronic signature" item, then "the electronic signature tool with software cryptoproder", press "Next", select the certificate for registration on the EDS, after clicking on "OK" and long waiting In the "Password" field, we introduce a 6-digit "ID. PIN2" from the UEC.
At the entrance to the State Service portal using the EDS (it may be necessary if you forgot the password) we select the authorization "through the cryptoprovider", click "Log in", select the certificate for authorization on the EDS, after pressing "OK" and long wait in the "Password" field 6 -Matic "ID. PIN2" from the EEC.
If you get wrong three times with the input of the password ... you have to go to the legs to unlock the EDS where they received, for unlocking it will take 8-digit "ID.CP" from the UEC.
For completeness, I will add that "Id.pin1" from the UEK is used to identify the owner (may be requested, for example, in hospital reception), and "bankpin" is a password of the bank application (requested in terminals at the box office).
Well, finally, FAQ (CPI in Proshi) from the developers.
To check CADES-X LONG TYPE 1 signatures https://www.cryptopro.ru/sites/default/files/products/cades/demopage/cades_xlong_sample.html
Agree with all popup windows, if any.
You must see the page of this type:
If you see such a window, then go to step 2, if not, then read on.
If you see such a window, it means that the CSP cryptopro is not available or is not available, see how to check the installation or set CSP cryptopro.
If you see such a window, then the CadesBrowSerPlug-in is not installed or not available, see how to check if the plugin is installed, how to make sure that the browser is configured correctly.
Step 2.
In the Certificate field, select the required certificate and click sign.
Note: In the Certificate field, all certificates set to the Personal User Storage are displayed, and certificates recorded in key containers. If there are no certificates or no certificate in the list, it means that you need to insert a key carrier with a closed key and.
If after pressing the Sign button you see such a result, then you have successfully performed the signature and cryptopro EDS Browser Plug-in running in normal mode.
If you got an error, then see the error information section.
How to check whether cryptoproCSP
Check if the CSP cryptopro is installed, you can enter the program control panel and components (installation and removal of programs). You can also see the version of the installed product:
If the CSP cryptopro is not installed, then the trial version (for 3 months) can be downloaded from us on the site (for downloading the file you need a valid account on our portal: https://www.cryptopro.ru/sites/default/files/ Private / CSP / 40/9944 / CSPSETUP.EXE
After downloading.exe file, start it and select "Install (recommended)". Installation will occur automatically.
How to check whether the cryptopro EDS is Browser Plug-in
Check whether the cryptopro is installed by the Browser Plug-in EDS, you can enroll in the program control panel and components (installing and removing programs). You can also see the version of the installed product.
If the cryptopro EDS is Browser Plug-in not installed, then the distribution can be downloaded from us on our website: https://www.cryptopro.ru/products/cades/plugin/get_2_0
Installation instructions: https://cpdn.cryptopro.ru/content/cades/plugin-installation-windows.html
How to make sure the expansion in the browser is included
If you are usingGoogleChrome.You must turn on the extension. To do this, in the upper right corner of the browser, click on the Settings and Google Chrome control icon (three points) - Additional tools - Weights.
Make sure the Cryptopro Extension for Cades Browser Plug-in extension is also included. In the absence of extension, reinstall the Cryptopro EDS Browser Plug-in or download the extension via the online store Chrome: https://chrome.google.com/webstore/detail/cryptopro-extension-for-c/iifchhfnnmpdbibifmljnfjhpififfog?hl\u003dru
If you are usingMozilla.Firefox.version 52 and above, it is required to additionally install the expansion for the browser.
Allow it to install:
Click Add:
Scroll-Extension Tools and make sure that the extension is enabled:
If you are usingInternet Explorer., When you go to the page, which is built in CadesBrowSerplug-in, you will see the following page at the bottom of the page:
Click Allow.
In the Access Confirmation window, click Yes:
If you are usingOpera,you need to install an extension from Opera Additions Catalog:
And in the pop-up window, click - set the extension:
In the next window, click Install:
Either go to the expansion menu:
Click Add Extensions and Enter Cryptopro in the search bar, select our plugin and click Add to Opera. After that restart the browser.
Check whether the plugin is enabled in the extension-expansion menu:
If you use Yandex Browser, It is necessary to proceed the setup options and make sure that the cryptopro EDS is and is enabled. If there is no extension, you can download its extension directory for Yandex Browser, using the search for the word cryptopro.
Error information
1) The cryptopro window appearsCSP Insert key media
The appearance of this window means that you do not have a closed key media for your chosen certificate.
You must insert key media. Ensure that the OS will "see" it and try again.
If the previous actions did not help, it is necessary to reinstall the certificate in the Personal User Personal User repository with the binding to the closed key. .
2) Could not create a signature due to an error: it fails to build a chain of certificates for a trusted root center. (0x800B010A)
This error occurs when it is impossible to check the status of the certificate (there is no binding to the closed key, there is no access to the recall lists or the OCSP service) or root certificates are not installed.
Perform a certificate binding to the closed key:
Check whether the confidence chain is built:open the certificate file (you can open it through the start-all program-cryptopro-certificates-current user-personal certificates), go to the certification path tab. If there are red crosses on this tab, or there is nothing at all in addition to the current certificate (except when the certificate is self-signed)
Screenshots with examples of certificates that do not build a chain of confidence.
In order for the confidence chain to build it necessary to download and install root and intermediate certificates. You can download them from the UC site published by the certificate.
If you are using a qualified certificate, then try to install these 2 certificates into trusted root root (these are certificates of the head UC Ministry of Communications and from them, if there is an Internet, a chain of trust from any qualified certificate should be built), if it does not help, please contact the UC, which issued you a certificate .
To set the downloaded certificate to trusted root certification centers, click on it. Right-click-select -eranged Certificate Certificate Certificate All Certificates in the following repository overview-Trusted root Certification Certification Centers - Next- Prepare Warning System Warning About installing certificate- Tap Yes. If you install the certificate of the intermediate certification authority, select the repository of the intermediate certification centers.
Important: If you create Cades-tii Cades-Xlongtype 1, an error may occur if there is no confidence in the certificate of the TSP service statement, in this case it is necessary to install the root certificate certificate of the UC published in the trusted root centers.
3) If the signature is created, but the error when checking the certificate chain is on, it means that there is no access to the lists of recalculated certificates.
Lists of revoked certificates can be downloaded on the UTS website, issued a certificate, after receiving the list it must be installed, the procedure is identical to the procedure for installing an intermediate CA certificate.
4) Error: 0x8007064a.
Cause of the error expired licenses for CSP cryptopro and / or cryptopro TSP Client 2.0 and / or Cryptopro OCSP Client 2.0.
To create CADES-BES signatures should be a current license for CSP cryptopro
To create the XLT1 must be valid licenses for the following software products: CSP cryptopro, Cryptopro TSP Client 2.0, Cryptopro OCSP Client 2.0
You can see the status of licenses through: Starting all program-crypto-pro-management of cryptopro licenses PKI.
Solution: Purchase a license for the desired software product and activate it:
Starting all program-crypto-pro- Cryptopro licenses management PKI -Sut the desired software product- Open the context menu (right-click) -Chow item All Tasks Select Item Enter Serial Number ... - Serial License Serial Number - Press OK
5) Key set does not exist (0x80090016)
Cause of the error: the browser does not have enough rights to perform an operation - add our site to trusted
6) disabled access (0x80090010)
Cause Error: Expired a closed key. Check the validity period Go to Start-\u003e All Programs (All Applications) -\u003e Cryptopro-\u003e Crypto-Pro CSP. Click the Tools tab. Select Test, select a closed key container and in the test results you can see its validity. It is recommended to get a new key.
7) Error: Invalid algorithm specified. (0x80090008)
This error occurs if you use a certificate, the algorithm of which is not supported by your cryptoproder.
Example: You have a CSP Cryptopro 3.9 and the certificate is released according to GOST 2012.
Or if a hashing algorithm is used that does not correspond to the certificate.
Also check the relevance of the CSP cryptopro version.
Cryptographic operations, such as creating an electronic signature or file decryption, require access to keys and user data (for example, to repository personal certificates). When performing such operations with web applications (with the Cryptopro, the Browser Plug-in Cryptopro), the plugin requests the user permission to appeal to its keys or personal data.
The user resolution will be requested when activating the objects of cryptopro EDS Browser Plug-in.
Trusted Web sites (for example, in the Intrant Organization) can be added to the list of reliable websites. Web nodes from the list of reliable nodes will not request user confirmation when you open the certificate store and operations with the user's closed key.
Managing a list of reliable web sites on Windows platforms
To manage a list of reliable web sites in the cryptopro EDS Browser Plug-in, the user must run Start -\u003e Crypto-Pro -\u003e Settings EDS Browser Plug-in. This page is part of the Distribution of the Cryptopro EDS Browser Plug-in.
The computer or domain administrator can also manage the list of reliable websites for all users through group policy. Setup is carried out in the Group Policy Console in the section Computer Configuration / User Configuration -\u003e Administrative Templates -\u003e Crypto Pro -\u003e Cryptopro EDS Browser Plug-in. The administrator includes the following policies: List of trusted nodes. Defines the addresses of trusted nodes. Web sites specified through this policy are trusted in addition to those that the user adds independently through the Cryptopro settings page of the Browser Plug-in.
Page saves a specific user
HKEY_USERS \\
Politics saves in the appropriate policy section:
HKEY_LOCAL_MACHINE \\ SOFTWARE \\ POLICIES \\ Crypto-Pro \\ Cadesplugin \\ trustedsites
Managing a list of reliable websites on UNIX platforms
To manage the list of reliable web sites in the Cryptopro, the Browser Plug-in EDS on UNIX platforms is the /etc/opt/cprocsp/trusted_sites.html page, which is part of the Cryptopro Distribution of the Browser Plug-in EDS.
Also, to view a list of reliable web sites, you can use the command:
/ OPT / CPROCSP / SBIN /
To add web sites (for example, http: // MyTrustedSite and http: // MyotherTrustedSite), you can use the command to the list:
/ OPT / CPROCSP / SBIN /
To clear the list of reliable web nodes, you can use the command:
/ OPT / CPROCSP / SBIN /
Adding sites to a list of reliable nodes for all users Available Using a Command
/ OPT / CPROCSP / SBIN /
