How to make a copy of an electronic signature. Copying using CryptoPro CSP. How to copy a private key from the registry
Copying the private key container is a mandatory action when reinstalling the SBS on another computer. You can also copy the certificate if you want to create a spare key electronic signature.
Copying a private key container to a flash drive, floppy disk or token is a rather complicated process to avoid errors it is important to strictly follow our instructions.
CryptoPro: certificate copying
Step 1. Opening the CryptoPro program
To open the program follow this path:
Click menu Start, then go to Programs⇒ CryptoPro⇒ CryptoPro CSP
and enable the tab Service.
IN open window Service click the button Copy container.
Rice. 1.
Step 2: Copy the private key container
After pressing the button Copy container, the system will display the window Copying the private key container.
Rice. 2
In the open window you need to fill in the field Key container name.
Step 3. Entering the key container
There are 3 ways to fill out the field Key container name:
Manual input
Select from the list by clicking the Browse button
Search by digital signature certificate
In addition to filling out the Key container name field, you must fill in the remaining search options:
- - the switch is set to position User or Computer, depending on what storage the container is located in;
- Select CSP to search for key containers - the required crypto provider (CSP) is selected from the proposed list.
After all fields are filled in, click the button Further.
If a password is set for access to the private key, the system will ask you to enter it. Enter your password and click the button OK.
Step 4. Entering a new key container
The system will display the window again Copying a private key container, in which you need to enter the name of the new key container and set the switch The entered name specifies key container to position User or Computer, depending on in which storage you want to place the copied container.
After entering, click the button Ready.
Step 5: Select media for the copied container
A window will appear on your screen in which you need to select the media for the copied container.
Insert the media (token, flash drive, floppy disk) into the reader and press the button OK.
Step 6. Set a password
The system will display a window for setting a password to access the private key.
Enter your password, confirm it, and check the box if necessary Remember your password.
If this box is checked, the password will be saved in a special storage on local computer, and when accessing the private key, the password will be automatically read from this store rather than being entered by the user.
After entering the required data, click the button OK. The CryptoPro CSP cryptographic information protection tool will copy the private key container.
If you have any questions, you can order a consultation with a specialist.
Almost every organization has some kind of electronic key. They are widespread and without them it is almost impossible to conduct any activity. They are needed for signing reporting documents and for many other things. Therefore, those who serve the IT sector in the organization need to know what it is. For example, today we’ll talk about how to copy a certificate from the registry and transfer it to another computer.
How to copy a certificate from the registry to a flash drive
Let's imagine you come to an organization and you need to set up access to a portal for a new employee. Electronic key You don’t have it and you don’t know where to get it. In this case, the easiest way is to copy it from the computer on which it is installed. To do this, take a clean flash drive and launch Crypto Pro. Start - All programs - Crypto Pro - Certificates. In general, it is better to store copies of the keys on a separate flash drive in your closet.
In the window that opens, go to the Composition tab and click Copy to file at the bottom.
The certificate export wizard will open on the first tab, click next. You need to specify copy private key or not. We don’t need it yet, so we’ll leave everything as it is.
Now we mark the required certificate format; in most cases, you need to leave everything here by default.
How to copy a private key from the registry
Some certificates require a private key. It can also be copied from the registry to a flash drive. This can also be done simply by launching Crypto Pro. Go to the service tab and select Copy.
Enter a new name and click Finish.
In the window that opens, select the flash drive.
Nowadays, in almost every organization, an accountant’s computer has CIPF– cryptographic information protection system. We use it as such. In our case, CryptoPro is necessary for the operation of the Client-Bank and the VLSI++ program (through this program, the accounting department prepares and submits reports to the tax office, Pension Fund, Rosstat).
The main functions of CryptoPro CIPF are:
— checking the payer’s secret keys when sending electronic documents via communication channels;
— encryption of payer documents when sending reports;
— deciphering the responses received from inspections.
When working with both Client-Bank and VLSI++, key media are used on which secret keys and certificates are stored. Such media can be a floppy disk, a flash drive, a secure flash drive (Rutoken, eToken), as well as a registry.
So, one day our accountant got tired of inserting a floppy disk into the computer every time he sent reports. Besides, this medium quite unreliable and failed a couple of times (had to). Therefore it was decided copy the keys from the floppy disk to the registry.
Storing keys in the registry is of course convenient. But keep this point in mind: when reinstalling operating system on your computer, information about your keys will be irretrievably lost. So after you copy the keys to the registry, be sure to save the media with the original of these keys.
So, how can you copy keys from a floppy disk to the registry in CryptoPro CSP 3.6?
1. Go to “Start” – “Control Panel” – “CryptoPro CSP”.
2. In the window that opens, go to the “Service” tab.
3. Insert the key floppy disk into the floppy drive of the computer and click the “Copy container” button. 
4. Next, click “Browse” and in the window that appears, select the container that you want to copy (click on it once with the mouse and click “OK”). 
The name of the selected container will appear in the “Key container name” field. Click “Next”. 
5. In the next window, write any name - this will be the name of the copy. Click “Done”. 
6. Next, select the “Registry” media and click “OK”. 
A window will appear asking you to set a password. If you don’t need this, don’t enter anything, just click “OK” here. 
That's all - we copied the key to the registry. To check this, in the “Service” tab, click the “View certificates in the container” button – “Browse” - here the registry and the container name that you specified will be displayed in the list of key containers. 
If the electronic signature was issued to the PC registry, then you can copy it to a medium using the following instructions.
Step 1. Open CryptoPro and go to the “Service” tab, then click on the “Copy” button as shown in the instructions.
Step 2. In the window that appears, click the “Browse” button to select the electronic signature container you need to copy.
Step 3. In the list of existing containers that appears, select the container you need, which you need to copy to the media and click the “OK” button.
Step 4. Confirm the action by clicking the “Next” button in the window that appears
Step 5. In the window that appears, specify the name of the new container that will be created on the media. The name in the field is entered automatically, so you can simply leave it unchanged. Click the "Done" button.
Step 6. A media selection window will appear. Select the desired medium from the list to which you want to copy the electronic signature. In order to understand which media to select from the list, look at the “Inserted media” field: it will either say “Media is missing,” which means you have selected a non-existent media, or the media name will appear similar to the name in the screenshot. Select and click OK.
Step 7. After you select the media, a window will appear to enter the PIN code for the new electronic signature container. We recommend entering the standard PIN code “12345678”, because... clients often forget or lose their PIN codes, after which the electronic signature has to be reissued. You can set your (different) PIN if you are sure that you will not lose it. After entering the PIN code, click the "OK" button.
Ready. Now the electronic signature container has been copied to the selected medium and you can use it.
If you don’t want to understand these details, we will help. You can even call our engineer to your office.
Copy using Windows
If you use a floppy disk or flash drive for work, you can copy the container with the certificate using Windows (this method is suitable for versions of CryptoPro CSP no lower than 3.0). Place the folder with the private key (and, if there is one, the certificate file - the public key) in the root of the floppy disk / flash drive (if you do not place it in the root, then working with the certificate will be impossible). It is recommended not to change the folder name when copying.
The folder with the private key should contain 6 files with the extension .key. As a rule, the private key contains a public key (the header.key file in this case will weigh more than 1 KB). In this case, it is not necessary to copy the public key. An example of a private key is a folder with six files and a public key is a file with the .cer extension.
Private key Public key
Copy to Diagnostics profile
1. Go to the “Copying” Diagnostics profile using the link.
2. Insert the media to which you want to copy the certificate.
3. On the required certificate click on the “Copy” button.
If a password has been set for the container, the message “Enter the password for the device from which the certificate will be copied” will appear.
4. Select the media where you want to copy the certificate and click “Next”.
5. Give the new container a name and click on the “Next” button.
6. A message indicating that the certificate was successfully copied should appear.
Bulk copy
- Download and run the utility. Wait for the entire list of containers/certificates to load and select the required checkboxes.
- Select the Bulk Actions menu and click on the Copy Containers button.
3. Select the storage media for the container copy and click OK. When copying to the registry, you can check the box “Copy to the key container of the computer”, then after copying the container will be available to all users of this computer.
4. After copying, click the “Update” button at the bottom left.
If you want to work with copied containers, you need .
Copying using CryptoPro CSP
Select “Start” > “Control Panel” > “CryptoPro CSP”. Go to the “Service” tab and click on the “Copy” button.
In the Copy Private Key Container window, click on the Browse button .
Select the container you want to copy and click on the “Ok” button, then “Next”. If you copy from a root token, an input window will appear in which you should enter a pin code. If you have not changed the pin code on the media, the standard pin code is 12345678.
Create and manually specify a name for the new container. Russian layout and spaces are allowed in the container name. Then click "Done".
In the "Insert blank" window key carrier» Select the media on which the new container will be placed.
You will be prompted to set a password for the new container. We recommend that you set a password that is easy for you to remember, but that others cannot guess or guess. If you do not want to set a password, you can leave the field blank and click OK.
Do not store your password/pin code in places where others have access. If you lose your password/pin code, using the container will become impossible.
If you copy the container to a ruToken smart card, the message will sound different. In the input window, enter your pin code. If you have not changed the pin code on the media, the standard pin code is 12345678.
After copying, the system will return to the “Service” tab of CryptoPro CSP. Copying is complete. If you plan to use a new key container to work in Externa, .