Installing and configuring a cryptopro to work with an electronic signature. Cryptopro update Cryptopro csp 4.0 license agreement

A crypto provider is a means of cryptographic protection of information (), without which use becomes impossible. is formed on the basis of cryptographic algorithms, and the implementation of these processes is possible only in the presence of cryptographic information protection tools. CryptoPro CSP is the most popular product on the Russian market of cryptographic utilities. Most electronic trading platforms, information state systems (UAIS FST, EGAIS, etc.) and regulatory bodies that accept reports via the Internet (FTS, FSS, PFR) work with this program.

As of the end of September 2019, two versions of CIPF are valid in the "CRYPTO-PRO" line - 4.0 and 5.0. Both programs are certified and provide a full range of opportunities for EDS holders. In this article, we will focus on, consider the functions and characteristics of the software, licensing features, installation and configuration procedures.

We will help you to get an EDS. Consultation 24 hours!

Leave a request and get a consultation.

CIPF CryptoPro version 4.0: characteristics and functionality

State portals and trading platforms that receive users' requests post requirements and instructions for working with electronic documents on their websites. In addition, there is another popular crypto provider on the market - VipNet CSP. But some organizations (for example, Rosreestr) restrict users in their choice and indicate in the requirements the mandatory use of CryptoPro CSP. When issuing CEC certificates, certification authorities also most often use CryptoPro, therefore, if the user installs another crypto provider on the PC, errors may occur when creating a digital signature.

Software functions

CryptoPro software is systematically updated and improved. Latest certified assembly version (3-Base version). All current updates can be tracked on the official website of the developer in the "Certificates" section.

The crypto provider has been certified by the FSB. This means that it can be used to create an electronic signature and encrypt data in accordance with the Federal Law No. 63.

CIPF performs the following functions:

  • empowers digital files certified by the CECI;
  • prevents data compromise using modern crypto-encryption and imitation protection;
  • guarantees the authenticity and invariability of electronic files;
  • supports official authorization of private entrepreneurs and legal entities on Internet sites and web portals of government agencies.

Without a cryptographic provider, the user will not be able to participate in electronic document management (EDM) and perform the following operations:

  • remote;
  • sending reporting documents to Rosstat, Pension Fund of Russia and other government agencies;
  • interaction in information services, AIS Goszakaz, GIS Housing and Communal Services, etc .;
  • bank transfers and other financial transactions where CEC is needed;
  • filing an online application for participation in auctions under Federal Laws No. 223 and No. 44;
  • support in bankruptcy proceedings;
  • interaction with participants in corporate EDF.

From 01.01.2019, all CAs issue electronic certificates according to the new standard (GOST R 34.10-2012). The software fully complies with this standard and supports new crypto protection algorithms.

  • System requirements for installing software

    To fully use all the functionality of the cryptographic provider, all that remains is to install the certificates into the PC registry. As a rule, CAs issue certificates on key flash media, in rare cases, they are sent to the owner's e-mail.

    The installation of the certificate is carried out in the "Service" section of the CryptoPro program. This procedure is recommended to be performed in accordance with the instructions from the developer. As a result, the certificate should be saved in the "Personal" folder.

    At the final stage, save the root certificate (CS), which is available for download on the CA website. This document is saved in the Trusted folder. The CC performs an important function in EDF - it confirms that the certificate was received at an accredited CA.

Before installing, you need to understand: what is an EDS and why is it necessary to install it? EDS is an electronic personal digital signature. With this set of numbers and letters, documentation and certificates of different levels are encrypted. The main content of documents is often passport or other personal data (for example, rights). Before installing this signature, of course, you need to get it. This is done in a notary office that deals with EKP and EDS.

If you want to install an EDS and confirm the printing license, then you need to install the program in advance to recognize it. Without it, nothing will work. Often it is CryptoPRO CSP 3.6. It can either be installed from a disk, having previously purchased it in a store, or installed from the Internet.

On a note! The second option is much simpler. The licensed version of the program costs about two to three thousand rubles.

Step 1. Carefully study the data on your computer and use the Start menu to check if the program has already been installed (especially if you are not going to use your device at the moment).

  • if you do not have it, then go to step number two;
  • if it is still on the device, then check the product version, see if it suits you (if not, then the program should be reinstalled, if yes, then we leave everything unchanged), also do not forget to make sure that the CryptoPRO validity period is not expired! It is very important.

Step 2. If you understand that this program is on your computer, then proceed to the installation. Sometimes this is not very easy to do. You need to go to the licensed site (this is very important, since the pirated version will not work in full) and try to install the program.

  1. When you go to the site, you will see the following image.

  2. Here you need to select the "Pre-registration" column.

  3. When you click on this link, you will be prompted to fill out a questionnaire. The main thing is to write reliable and complete data. After registration, we agree to the agreement and proceed to download.

Step 3. However, we are not downloading the program itself yet, but only the installation file. Therefore, after the file has been downloaded, open it.

Step 4. Now we install the program itself.

Important! In some cases, it happens that the antivirus program does not pass CryptoPRO, considering it viral or especially dangerous. Do not be afraid, but just enter the program into the "Trusted" and install it further.

Step 4. We are waiting for the final download!

Step 5. For the program to work correctly on your personal computer, enter your license (key) number.

Video - Installing CryptoPro 4.0 and why you need it

Step-by-step installation of EDS

Step 1... Open the "Control Panel" tab (using a magnifying glass or the "Start" menu).

Step 2. We launch the pre-installed program.

Step 3. When CryptoPRO starts, we are transferred to the main screen of the program. There are a lot of folds on it, as you can see. We also need a tab called "Service".

Step 4. Next, you need to "View certificates in the private key container". You should not enter the name of the key container manually (although, if you want, you can do just that, this is your right), but for convenience, click on the "Browse" tab.

Step 5. After your click, an additional tab will pop up, where it will be necessary to select your container, as well as the available reader. When you are familiar with everything and check the data, click "OK".

Step 6. If you did everything correctly, then we will be taken back to the previous tab. We don't need to add any more changes, so go to the next window by clicking "Next".

Step 7. You have moved to the next tab. Here is located absolutely all personal information, which was encrypted with an EDS. You can also find and view the validity period. Also check the serial number of your program and signature (you should never forget it). We select "Properties".

Step 8. Now you have to install a new certificate.

Step 9. You will automatically be taken to the next tab. Here you need to carefully study all the information. And if you agree with it, then only then go to the next page.

Step 10. Here we need to look at all the certificates that are in the store. The "Browse" button will help with this.

Step 11. Since we encrypted our personal data, select the appropriate folder called "Personal" and click "OK".

Step 12. Congratulations! You have successfully installed the certificate. For complete completion, click on "Finish" and wait just a couple of seconds.

You can install ready-made certificates both from a hard drive and from removable media. Now we will talk about installing an electronic signature from a USB flash drive.

In fact, in addition to some actions, copying an EDS from a USB flash drive is no different from the usual installation of certificates. Before installing, you just need to insert the USB stick itself with the signature into your computer. Further actions will completely and completely coincide with the usual installation.

Installing the root certificate

Why is the installation of a root certificate required and where is it done? The root certificate is installed in the shared store to keep the server secure and to keep it running smoothly without any errors or bugs. To install and obtain a certificate, you will need a TPSP. This is a test certification authority for the product. You will need to log into the application using an administrator to get to the hub site. The site may be blocked by your antivirus, but this is completely normal. It only needs to be entered into the trusted ones so that no problems arise in the future.

From our new article, you can find out which one, as well as consider a detailed overview of the best programs.

Step 1. Request a certificate.

Step 2. When you get permission, download it from the center.

Step 3. Open the certificate and install it according to the instructions on the screen (you don't have to do anything, just click on the "Next" button a few times).

Installing keys in the "Registry"

If you want to know and also consider a detailed description of the program, you can read a new article about this on our portal.

Step 1. You need to configure the "Registry". And only then can you start installing the key.


Step 2. Copy the container that contains the keys / key.

Step 3. Paste it into the "Registry".

Step 4. Install the container in the program into the registry in the same way as it was done with the certificate.


CryptoPRO hangs when installing a certificate, what should I do?

To prevent possible freezes of the program, which will adversely affect the installation of your signature, you need to:

  • install licensed software;
  • install a licensed program, since the pirated version is very often subject to freezes;
  • check your computer for viruses or available updates (if any, they must be eliminated).

Also, the reasons for freezing can be:

  • incorrect paths to files, their inaccuracy;
  • if the certificate has been terminated by the company or has finally expired.

If none of the proposed reasons are suitable, then contact the technical support service, where they will certainly help you and eliminate the problem.

Video - Installing EDS (digital signature) in CryptoPro CSP

CIPF * is required for encryption and decryption of documents, using electronic signature. To work in SbiS * or to participate in electronic trading, CryptoPro must be installed on a computer.

1. Removal of CryptoPro cryptographic information protection system

    Removing the program is possible only if you have administrator rights on the computer. Make sure you have them!

    Always perform CIPF removal only through the Add / Remove Programs shell!

    Open "Start - Control Panel - Add or Remove Programs".

    Find CryptoPro CSP in the list of installed programs. Highlight with cursor and press "Delete". The program for removing the CIPF will be loaded. Follow the instructions of the program.

    When uninstalling CryptoPro CSP, it is possible that CryptoPro TLS is in the list of programs. Delete it too.

    When finished, restart your computer.

2. Downloading the distribution kit for CryptoPro

You need to download the distribution kit of the program on the "CRYPTO-PRO" website, after preliminary registration or order in our company "United CryptoSystems".

    When registering, a username and password are created to enter;


    In the next window, you will see a page with a license agreement. Read the terms and conditions, click the "I agree" button at the bottom of the screen to go to the distribution download section;

    According to the list we reach “Certified versions”, and select the link “CryptoPro CSP 4.0 R3 for Windows”, download the distribution kit to our computer.


3. Installing CryptoPro CSP 4.0

    Close all running applications before installing CryptoPro CSP;

    Run the downloaded CSPSetup.exe file.


    During the installation process, an information window will appear about the need to restart the computer. Close all programs in which you are currently working, click "OK".

    Wait until CryptoPro installation is complete and restart your PC.

    After restarting the PC, you must enter the serial number of the CryptoPro license:

Go to "Start" - "Control Panel" - "CryptoPro CSP". On the General tab, click Enter License. Provide user information, enter license number.


Make sure that the license expiration date appears in the Expiry field, or Permanent if the license is perpetual.

To participate in electronic auctions, each entrepreneur must have his own digital signature. EDS acts as an analogue of a handwritten signature, which gives legal force to an electronic document. To participate in electronic auctions on public procurement sites, it is necessary to provide high guarantees of the reliability and authenticity of the signature presented in the application for participation in the tender and in all accompanying documentation. In order to authenticate persons who sign electronic documents, a cryptographic utility CryptoPro was created, which allows generating and verifying digital signatures.

To get your own digital signature, you need to contact a certified certification center (CA), which issues a root certificate, as well as a public and private key.

Root CA certificate Is a file with the .cer extension that allows the system to identify the certification authority.

Subscriber's public key- This is a name file of the owner of the electronic key used to verify the validity and authenticity of the signed document. The public key can be published and sent to anyone and anyone, it is public information.

Subscriber's private key Is a set of encrypted files stored on an electronic medium. The owner of the private key uses a secret PIN-code for authorization in the system, therefore, if it is lost, the subscriber must immediately revoke his key through the certification center.

After receiving the electronic signature, it is necessary to install the software on the computer to work with the digital signature. The CryptoPro 3.6 software-encryption provider supports the state standards of the Russian Federation: GOST R 34.10-2001, GOST R 34.11-94 and GOST R 34.10-94.

The main purpose of CryptoPro

  1. Ensuring the process of giving legal significance to electronic documents through the use of EDS;
  2. Ensuring confidentiality and control of the integrity of encrypted information;
  3. Integrity control and protection of software from unauthorized changes.

CryptoPro 3.6 utility is compatible with the following operating systems:

  • Windows 2008
  • Windows
  • VistaWindows
  • 7 (Seven) Windows
  • 2003Windows
  • XPWindows 2000

After the release of Microsoft Windows 10, CryptoPro also updates its software and certifies the new version of CryptoPro CSP 4.0

Installing and configuring CryptoPro

  1. On the official website cryptopro.ru, you need to purchase the required version of the utility and install the encryption provider. Launch CryptoPro CSP and, using the prompts of the installer, install the utility on your computer.
  2. Next, you need to install the electronic ID support driver. Private keys can be stored on floppy disks, smart cards and other electronic media, but tokens in the form of a USB stick (eToken, Rutoken) are considered the most convenient analogue. For correct operation of the media, install the appropriate driver.
  3. Then you need to configure the readers. Launch CryptoPro as administrator and in the window that opens, find the "Equipment" tab and click "Configure readers". In the "Manage Readers" window that opens, click "Add". Select the required reader (for example, select AKS ifdh 0 for eToken). After installation, click "Finish".
  4. We proceed to the installation of the user's personal digital signature certificate. In the "Service" tab, click "Install personal certificate". Let's specify the path to the certificate file with the .cer extension.
  5. Next, we insert the token into the USB connector of the computer, indicating the container for storing the private key. To configure in automatic mode, you can check the box next to "Find container automatically". The system will prompt you to enter a PIN and place the personal certificate in the store. After installation, click Finish.
  6. Let's move on to configuring the browser to work with the public procurement portal. The zakupki.gov.ru website works only with the Internet Explorer browser. In the properties of the browser, you must select the "Security" tab in which you should select "Trusted sites" and click "Sites". In the window that opens, you need to register the following websites:


How to check the work of the digital signature?

To check the user parameters, you can use the test page http://www.etp-micex.ru/index/test-page/ by going to which information about the software settings and options for correcting errors is displayed.

Below is a thematic video: