If you wish, you can change the pin code.

For this:

1. Go to the "Start" menu - "Control Panel" - "Rootken Control Panel".
2. Click the Enter PIN-code button, enter your current PIN-code, click OK.
3. In the Manage PIN-codes tab, click the "Change" button, enter a new PIN-code.

Do not forget the new PIN-code, because no one can tell you.

JaCarta SE / LT

To change the PIN-code of the User of the PKI \ GOST part:

1.In the Unified JaCarta client, click on the "Switch to user mode" button

3. Enter the Current User PIN, New User PIN, confirm it and click on the "Execute" button

4. A message about the successful change of the PIN code should appear.

To change the PIN-code of the Administrator of the PKI \ GOST part:

1. In the Jacarta Single Client, click on the "Switch to Administration Mode" button

2. Select the required PKI \ GOST section

3. Click on the "Change Admin PIN" button

4. Enter the old PIN-code of the Administrator, new PIN-codes of the Administrator and click on the "Execute" button.

5. A message about the successful change of the PIN code should appear.

Is a password for a personal account considered an electronic signature? EDS password

CryptoPro: view the saved password (pincode) for the EDS private key container

Often, users cannot remember the password (pincode) from the EDS container, which is not surprising, it changes once a year when the EDS key is scheduled to be changed, after which the "remember password" checkbox is ticked and the password is never entered again. The saved password can be viewed using the console utility csptest, part of CryptoPro CSP.

The utility is located in the folder with installed CryptoPro (by default C: \ Program Files \ Crypto Pro \ CSP \).

Go to the directory with the program

cd "C: \ Program Files \ Crypto Pro \ CSP \"

We look at the names of the available containers of the EDS private key:

csptest -keyset -enum_cont -fqcn -verifycontext

the command displays a list of available containers of the form: \\. \<имя считывателя>\<имя контейнера>

After that, we display the saved password for the desired container:

csptest -passwd -showsaved -container "<имя контейнера>"

PS: This method suitable for CryptoPro 3.6 and higher. In CryptoPro 3.0, the csptest utility lacks the -showsaved option.

PPS: If this method does not help and you have hardware containers (tokens), you can try to enter the default password. For rutoken it is 12345678, for eToken 1234567890, for JaCarta PKI / GOST 11111111 (1234567890 if the backward compatibility option is enabled).

PPPS: The whole process can be automated with a regular batch file, which massively gets passwords from all available keys. Many thanks. You can download the bat file from here. Body text:

@echo offSetLocal EnableExtensions EnableDelayedExpansioncopy "C: \ Program Files \ Crypto Pro \ CSP \ csptest.exe"> nulchcp 1251if exist% computername% .txt del / f / q% computername% .txtif exist temp.txt del / f / q temp .txtset NameK = "" for / f "usebackq tokens = 3,4 * delims = \" %% a in (`csptest -keyset -enum_cont -fqcn -verifycontext`) do (set NameK = %% a; csptest -passwd -showsaved -container "! NameK!" >> temp.txt) del / f / q csptest.exeset / a $ ai = -1set / a $ bi = 2for / f "usebackq delims =" %% a in ("temp .txt ") do @ (set" $ a = %% a "if"! $ a: ~, 14! "==" AcquireContext "echo:! $ a! >>% computername% .txtif"! $ a: ~, 8! "==" An error "echo: Alas, the key medium is missing or the password was not saved. >>% computername% .txt & echo: >>% computername% .txtif"! $ A: ~, 5! "==" Saved "set / a $ ai = 1if! $ Ai! Geq 0 set / a $ ai- = 1 & set / a $ bi- = 1 & echo:! $ A! >>% computername% .txtif ! $ bi! == 0 echo: >>% computername% .txt & set / a $ bi = 2) del / f / q temp.txtEndLocalecho on

You can download the csptest utility for versions 3.6 and 3.9 separately from here.

Tmie.ru

I cannot import my key, how do I find out the password.

Hello! After you have received the keys, you need to install the software. You can familiarize yourself with the instructions by following this link: http://pki.gov.kz/index.php/ru/fizicheskie-litsa You can import keys as follows: If you have a Mozilla Firefox browser: Start the browser, select the Tools tab, further in this tab, select Settings. In the settings window that opens, select the Advanced tab, in this tab select Encryption, in it click on the View certificates button. In the window that opens, select the Your certificates tab and import the certificate into it using the AUTH_RSA algorithm. If you have Explorer or Google chrome, then you need to open the AUTH_RSA key: 1) You are greeted by the certificate import wizard - Next 2) The file to be imported - Next 3) Password - Enter the password and Next 4) Certificate store - Place all certificates in the following store - Overview: a) Check the box to "Show physical storages" b) Find in the "Personal" list, expand the list, select "Registry" - OK - Next 5) Completion of the certificate import wizard - Done To import into OPERA: Go to the menu Opera browser"Tools" - "Options" Select the "Advanced" tab, then "Security" and click on the "Set password" button Enter an arbitrary security password. Remember your password. Click "OK" Click the "Manage certificates" button In the window that appears, select the "Personal" tab and click the "Import" button. In the window that appears, select the AUTH_RSA ***. P12 file located on the disk drive and click the "Open" button Enter your EDS password Click "OK" Standard password from keys 1 to 6 (123456). If you changed it through your personal account on the pki.gov.kz website, then you set the password yourself. If you have changed the standard password and forgot New Password, you must apply for a new key and submit the documents to the PSC again.

pkigovkz.userecho.com

CryptoPro view the saved password (pincode) for the EDS private key container

Details Created: May 16, 2016 Updated: June 21, 2017

Recently I ran into a problem in accounting, CryptoPro asked for a pincode for a private key container, for what purposes I don't remember. The accountant, of course, not remembering any passwords, began flipping through his notebook, poking me a dozen flash drives and nervously muttering something about religion, government and directors. I also pretended to be a "reindeer" and got into the Internet and found an easy way to find out the saved password, pincode (if you please), for the container of the private key of an electronic digital signature (EDS).

I was very surprised by the simplicity, and thought that it would not work, but everything worked out. Here step-by-step instruction:

1. We launch the command line - the keyboard shortcut Windows + R, and then write cmd. A black window should appear (there are people who call windows signs :))
2. v command line you need to go to the folder with CryptoPro, in Windows XP you need to type the command cd "C: \ Program Files \ Crypto Pro \ CSP \" (quotes are required). In Windiws 7, the command can be cd "C: \ Program Files (x86) \ Crypto Pro \ CSP \"
3. Let's look at the list of container names for the private EDS key using the csptest -keyset -enum_cont -fqcn -verifycontext command

Now we can view the saved CryptoPro password for the EDS container of interest csptest -passwd -showsaved -container "<имя контейнера>"

I was surprised that it was so easy to restore forgotten password for an EDS container, I wonder how is it consistent with safety requirements, GOSTs, etc.? After such simple manipulations, the accountant started calling me "programmer", and I considered myself the coolest hacker :)

Add a comment

raboj.su

Questions and answers about EDS - Yvision.kz

What is EDS?

When we receive any paper certificate, we sign it. An electronic document, in order to give it legal significance, also needs to be signed. For this, an electronic digital signature is used - an analogue of a handwritten one. This is not a scanned version of your ordinary signature, the EDS contains digital symbols that confirm the authenticity of the electronic document, its ownership and the invariability of its content.

What is an EDS for?

EDS is needed to request electronic state services and services at any convenient time, without leaving home. And also, it is necessary when registering and authorizing on portals. e-government eGov.kz, state purchases, "Open government", E-licensing, etc.

How to get an EDS?

In order to receive registration certificates of the NCA RK (EDS), you must submit an online application on the NCA RK website, having previously installed the NCALayer application on your computer. After that, submit documents to the PSC RK, according to the Standard public service"Issuance and revocation of the registration certificate of the NCA RK". Without an approved package of documents, the PSC operator has no right to process applications for the issuance of registration certificates of the NCA RK (EDS). The applicant must submit the documents to the PSC personally, or using a proxy on behalf of the applicant according to a notarized power of attorney. EDS is issued free of charge.More detailed information about this procedure can be found on the official website of the NCA RK.

Why install the NCALayer app?

V recent times popular browsers began to block the launch of Java software. The NCALayer application is required to ensure the operation of the signature mechanism with EDS using Java in the browser.

What is the difference between EDS keys with the name AUTH_RSA and RSA?

RSA is a registration certificate intended for signing an electronic document / request. AUTH_RSA - registration certificate for user authentication.

Why is an EDS issued for a period of 1 year?

The validity period of all registration certificates of the NCA RK (EDS) is 1 year from the date of their issue. After this time, the registration certificates of the NCA RK are invalid. The period of 1 year is established to ensure the strength of cryptographic keys to limit the time period for their calculation by hackers.

How to independently extend the validity of an EDS?

With the help of the existing valid EDS, the user has access to the function of reissuing a new pair of keys without contacting the PSC to confirm the application. Confirmation takes place by signing an online application for the issue of an EDS with your valid keys. To reissue, use the personal account of the user of the NCA RK, having previously read the user manual for working in the personal account.

What is a digital signature on an identity card?

The new ID cards have a microchip, just like bank cards. EDS can be written into a special memory area of ​​this chip and used with a card reader. The recording procedure is carried out in any PSC (NJSC "State Corporation" Government for Citizens "), as well as when using a card reader on your own. This device is available in all computer stores. Note: EDS keys are recorded on an identity card only for individuals.

How to change the password for an EDS?

To change the password for EDS keys, you must use the user's personal account of the NCA RK, having previously read the instructions.

What if I forgot my EDS password, how to recover it?

If you have forgotten the password for the EDS keys, it is impossible to recover them. NCA RK does not store user passwords, and if you lose your password, you need to revoke these EDS keys and go through the standard procedure for obtaining new ones.

––––––

Short description procedures for obtaining an EDS here - http: //egov.kz/cms/ru/information/e ...

Instructions for obtaining an EDS and its reissue can be found here - http://egov.kz/cms/ru/information/h ...

Answers to some other questions - http://www.pki.gov.kz/index.php/ru/vopros-otvet

yvision.kz

Is a password for a personal account considered an electronic signature? # ep / esp # SED #ECMJ

Reader's question: The company works on an electronic offer, each client has its own personal account - a login and password are issued. Is this considered a simple ES? Can a simple electronic signature be a QR-code?

According to Part 2 of Art. 5 of the Federal Law N 63 "On electronic signature»A simple electronic signature is an electronic signature, which, through the use of codes, passwords or other means, confirms the fact of the formation of an electronic signature by a certain person. At the same time, on the basis of Part 2 of Art. 6 ФЗ N 63 information in electronic form signed by a simple electronic signature is recognized as an electronic document equivalent to a paper document signed with a handwritten signature when concluding an agreement between the participants of electronic interaction.

Thus, based on the above, the login / password can be considered a simple electronic signature. At the same time, we recommend that in the offer or other documents regulating the work in the personal account, it should be clearly stated what in your case is a simple electronic signature, the conditions for its recognition, etc. Examples of such agreements can be found on the Internet (Agreement on the use of a simple electronic signature when servicing clients through a personal account from OTKRITIE Brokerage House OJSC).

In our opinion, the Agreement must necessarily contain:

1. Terminology corresponding to the current legislation of the Russian Federation: what is a simple ES, a simple ES key, the owner of a simple ES key, etc.

2. Conditions for recognizing a document signed with a simple electronic signature, namely that the parties agree to use a simple electronic signature for signing electronic documents, and also recognize that such documents are equivalent to paper documents signed with handwritten signatures, etc.

3. Rules for determining the person who signed an electronic document using a simple electronic signature.

You can also designate a list of documents that will be signed using a simple electronic signature, the rights and obligations of the parties, their responsibility, etc.

ecm-journal.ru

Working with electronic signature :: Frequently asked questions :: DOCHOD Client Center :: Financial group "DOCHOD"

Working with electronic signature

1. What is an electronic signature?
2. How do I create an electronic signature?
3. How do I change my electronic signature?
4. How secure is it to use an electronic signature?
5. I forgot my e-signature key password, what should I do?
6. I forgot the code word, what should I do?
7. Computer requirements for signing documents with an electronic signature

1. What is an electronic signature?

An electronic signature (electronic digital signature) is a requisite of an electronic document that allows you to establish the absence of distortion of information in an electronic document from the moment of its signing and to verify that the signature belongs to the owner of the electronic signature key certificate. The value of the attribute is obtained as a result of cryptographic transformation of information using the private key of the signature. An electronic signature is analogous to a handwritten signature. The use of electronic signatures in Russia is regulated by Federal Law No. 63-FZ of April 6, 2011.

2. How to create an electronic signature?

You can create your own electronic signature using the "Key Management" section of the main menu of the system if you have a code word that you must indicate in the Client Questionnaire when you visit our office personally or when opening an account online.

To create and use an EDS in the system, you must also sign an Agreement on the use of documents in electronic form at the company's office or otherwise possible way.

3. How to change the electronic signature?

The electronic signature cannot be changed. However, you can create a new electronic signature key using the "Key Management" section of the main menu of the system. To do this, you need to enter your code word. After creating a new electronic signature key, your old key is canceled.

4. How secure is it to use an electronic signature?

An electronic signature is almost impossible to forge. However, you must take some precautions. Keep the electronic signature key in places inaccessible to unauthorized persons! Do not give anyone the key file and password to access it! If you suspect that your electronic signature key may be used by other persons, immediately inform the Company about it by phone: +7 812 635 68 65. The client is fully responsible for the safety of the electronic signature key and passwords.

5. I have forgotten my e-signature key password, what should I do?

The electronic signature key password cannot be recovered. If you have forgotten it, create a new electronic signature using the "Key Management" section of the main menu of the system. To do this, you need to enter your code word. After creating a new electronic signature key, your old key is canceled.

If you suspect that your electronic signature keys could be changed by third parties, immediately inform the customer service department by phone. +7 812 635-68-65 to block access to your account and revoke the electronic signature key.

6. I forgot the code word, what should I do?

The code word cannot be recovered. We cannot send it to your address. e-mail or say on the phone. To change the code word, you need to personally come to one of our offices. Check again how you enter your code word. It must be entered exactly as you wrote it in the Client Questionnaire. Check the case of letters (small or large) and the keyboard layout (input language, etc.).

7. Requirements for a computer for signing documents with an electronic signature

The component - Java Virtual Machine (JVM, Java virtual machine) must be installed and enabled on your computer in the browser settings, which is needed to run and work applets (loaded software modules) generation of keys and electronic signatures for documents.

With Microsoft Browser Internet Explorer usually comes a Java machine from Microsoft - Microsoft VM. You can also install a similar component from SUN (SUN Java Virtual Machine browser plug-in), which can be downloaded from the SUN website.

After downloading the file, double-click to start the installation of the component. After the component is installed, you need to restart your computer.

The service works correctly with components 3 Microsoft VM version 5.0 and higher, as well as Sun Java browser plug-in version 1.4.2_03 and higher, 1.5.0 and higher, 1.6.0 and higher.

View information about installed component Java VM (and also enable / disable it) can be in the browser menu "Tools" -> "Internet Options" on the "Advanced" tab, in the window that opens, look for the section about VM (Microsoft VM or Java (Sun)).

Version Microsoft component The VM can be viewed in the View -> Java console if the Java console enabled option is enabled in the Advanced tab.

If you have both components installed and enabled in the browser: both the Microsoft VM and the Sun Java plug-in, then one of them must be disabled.

If you are using a browser other than Microsoft Internet Explorer, we recommend choosing the browser installation package with Java or additionally installing a Java machine from Sun.

Operating room users Linux systems We recommend installing a Java machine from Sun version 1.5.0 or higher, which can be downloaded from the SUN website.

www.dohod.ru

Working with EDS on the "electronic government" portal

Services in the online format cause a lot of different opinions: some people mistrust, some find it too complicated, and some have already been successfully using electronic services for a long time, saving their time, money and effort. And the first step on the way to a productive organization of your time, business and even life is to receive EDS keys. What is hidden under these magic letters, and how to use them, we will tell you in this post.

What is EDS?

An electronic digital signature (EDS) is an analogue of a handwritten signature, which is used to give an electronic document the same legal force as if this document was on paper with a signature and a sealed seal.

EDS is a requisite of an electronic document obtained as a result of cryptographic transformation of information using an electronic registration certificate (hereinafter referred to as the Certificate) and a private EDS key.

Simply put, the use of an EDS is a full-fledged replacement for a handwritten signature.

According to the Law of the Republic of Kazakhstan dated January 7, 2003 "On Electronic Document and Electronic Digital Signature", the concept of "registration certificate" is given, which is used in international practice as "certificate" or "public key certificate". Basic concepts taken from the above law

• The National Certification Center of the Republic of Kazakhstan is a certification center serving the participants of "electronic government", state and non-state information systems;
• registration certificate - a paper document or an electronic document issued by a certification center to confirm the compliance of an electronic digital signature with the requirements established by this Law;
• owner of registration certificate - an individual or legal entity in whose name the registration certificate was issued, lawfully owning the private key corresponding to the public key specified in the registration certificate;
• electronic document - a document in which information is presented in electronic digital form and certified by means of an electronic digital signature;
• electronic digital signature - a set of electronic digital symbols created by means of an electronic digital signature and confirming the authenticity of an electronic document, its ownership and the invariability of its content;
• means of electronic digital signature - a set of software and technical means used to create and verify the authenticity of an electronic digital signature;
• public key of electronic digital signature - a sequence of electronic digital symbols available to any person and intended to confirm the authenticity of an electronic digital signature in an electronic document;
• private key of electronic digital signature - a sequence of electronic digital symbols known to the owner of the registration certificate and intended for creating an electronic digital signature using electronic digital signatures.

What are the advantages of using EDS on our portal?

Key benefits when using EDS through the e-government portal:

• The ability to receive electronic services from government agencies at any time convenient for you: around the clock, seven days a week;
• Possibility of submitting electronic applications to virtual receptions of state bodies of the region and the republic. A link to the "Electronic Submissions" service appears in the right block of the portal pages after user authorization.

Software Update

In early May 2012, the development team of the National Certification Center announced the release of an upgraded version of the NCA RK software.

The purpose of the transition to the use of the new software is to facilitate the installation of root certificates for legal entities and individuals. Previously, users had to resort to using the Tumar CSP software, which required special efforts during installation and was limited by the Windows OS, but now, with the new software, everything is much easier.

So what's the difference?

• Root Certificate - A certificate owned by a CA that verifies the validity of other CA-issued certificates. In order for the software, for example, the operating system or browser, to be able to correctly verify the user certificate, it is necessary that the root certificate has been previously installed in the browser or in operating system.
• Tumar CSP is software that “injects” into the Windows operating system the GOST cryptographic algorithm, which is not natively supported by them. That is, he was software for the cryptography subsystem of the operating system, and the root certificate is the information used by this very subsystem of cryptography.

Previously, the user had to install the Tumar CSP software in a tricky way. And also, he was tied to the operating room Windows system, since Tumar CSP fully functioned only on this OS.

From now on, the user only needs pre-installed Java, one of the most common operating systems (Windows XP / Vista / Seven, Linux) and access to the Internet.

Moreover, the entire process "Installing software - Obtaining EDS - Obtaining portal services" is available on Mac OS X. Root certificates for this OS must be downloaded in pure form. They are available at this link.

This year, it is planned to implement the corresponding functionality for the Android OS, then according to the plan - support for iOS and Windows Mobile.

The very procedure for obtaining certificates has not been changed. Let's represent it in a schematic form:

Brief explanations of the procedure for obtaining a certificate

Let us repeat the description of the process of obtaining RTC certificates. On the portal there is a page "Receiving an EDS", which briefly describes the steps and provides links to download the necessary software, user manuals and forms of documents. It contains all the necessary data, both for individuals and for legal entities.

If you want to install the certificate for the first time, we recommend downloading the user manual, where it is available and with illustrations, showing the steps of the entire process of obtaining a certificate. You will save yourself from many problems and malfunctions by performing all your actions according to this guide.

For clarity, the presentation of the entire process, starting with the installation of certificates, ending with obtaining help from a popular electronic service, I will post screenshots with explanations.

Maybe, on the one hand, it will look like a repetition of instructions, but still, this is the author's own experience in going through this process.

Registration on the portal

Registration on the portal is implemented in the usual, one might even say, in a very simplified way. I am required to enter my IIN in the required field. After clicking the "Find" link, my name was automatically entered into the required fields, and all I had to do was indicate a password and enter my e-mail address to receive notifications.

So, the registration was successful and there were no difficulties at all.

Here we open the first tab and click on the buttons. First, we download the root certificates, which will be installed in 2 clicks, and then you need to download Java from its official website. This site is completely easy to navigate, as is the installation of the software itself. It took no more than ten clicks on obvious buttons.

After these operations, it was time to apply to the RTC for a certificate. To do this, click on the "Submit online application" button, which will open a special application submission page.

After entering your personal data, you must indicate the address of the PSC, where it will be convenient for you to come to confirm your identity that it is you (and not someone

The most demanded professions in the north How to open a hobby club

And before sending the documents in the personal account of the taxpayer, they entered password to the electronic signature certificate, or to put it simple language signed our "tolmuts" with an electronic signature.

Somehow I lost sight of the fact that not everyone knows what it is. The topic is useful both for helping with creating an electronic signature in your personal taxpayer account and for general education. Considering that many of my readers are retirees - people of advanced age and not confident enough in communicating with, "I will put everything on the shelves."

First of all, let's figure out what an electronic signature is for and what kind of password is from the certificate. Everything here is simple, like a simple signature from under the pen, it is needed to give legal force to any document. But a simple one can be verified with the one in the passport and at worst to carry out a graphological examination of its authenticity. But how to verify and check the electronic one? Everything is much more complicated here. But first about the types and types.

Types and types of electronic signatures

I will say right away that there are not a great many species, but only two:

• simple electronic signature;
• reinforced;

Simple is a username and password. It confirms that it was sent by their owner. And nothing more. We are interested in reinforced. In addition to identifying the sender, she also confirms that after signing the document has not changed and is equated to a documentary piece of paper with a signed pen.

There are also two types of reinforced ones:

• qualified electronic signature;
• unqualified;

In the tax office, an unqualified enhanced electronic signature is created and it can be used in document circulation only within the framework of the IFTS! But the use of a qualified signature is much wider, but to obtain it, you must personally apply to a certification center accredited by the Ministry of Telecom and Mass Communications of Russia. And this service is paid.

If you do buy it, then you will have the opportunity to register with the tax authorities without hardships. And then log in there using this very signature instead of a username and password when choosing this authorization method. By the way, and in too. And of course, she must sign all possible electronic documents, including in the tax office, of course.

This is followed by a general educational program. If you are not interested in it, you can skip this section and scroll down. It already describes how to create an electronic signature in the personal account of the taxpayer and the very saba about the password to the certificate too. And experts in the field of cryptography, I ask you not to judge me strictly for some inaccuracies and simplifications in this opus.

Mechanism for sending documents signed with an enhanced electronic signature

It would be more correct to use the word algorithm instead of mechanism. But I will not frighten the main part of our audience - pensioners with “abstruse” words. And then do not be alarmed, I will explain everything. So, how, for example, does Comrade Ivanov transfer signed documents to the Tax Service? Moreover, so that no one could read and replace them. In scientific language something like this:

First, Ivanov and Tax Office generate public and private encryption keys. Then they exchange open ones among themselves. In the next step:

1. Ivanov encrypts the "message" with his private key and, as a result, it is signed.
2. Further, Ivanov encrypts with the public key, which was previously sent to him by the Tax Office, what happened after the execution of point 1. Now no one outsider will be able to read anything, even if he intercepts it.
3. After the Tax Service has received Ivanov's "message", it first decrypts it with its private key and sees Ivanov's encrypted document there.
4. It was then that "Tax" decrypts it using the public key given to her by Ivanov at the very beginning. As a result, Ivanov's signature is verified.

And in the "workers 'and peasants'" language of "appearances and passwords" it will be approximately similar to the following event:

First, Ivanov prepares a suitcase with a spare key and a paper with personally signed details, and the Tax box also with a spare key. They go to the post office and send parcels to each other. Ivanov puts the key from the suitcase into the parcel post, and sends the paper with his details into the valuable letter separately. Tax - a box with a parcel and a parcel post with one key are also separate.

Ivanov, having received the parcel and the parcel, hides, for example, his signed document in the box and closes it with the key from the received parcel. He puts this secret box in his suitcase and also closes it with his key. And then he sends this "matryoshka" in a parcel to the Tax Office. Keeps the keys to the box and suitcase.

Why is it better to choose storing the key in the system of the Federal Tax Service of Russia, I think you will not have any questions. If you have read the explanations, then you have noticed the undeniable advantages of this particular option.

After sending the request, a waiting window appears with a spinning circle. Sometimes it can be delayed for quite a long time:

Then a window will appear informing you that the certificate has been successfully issued. Here you can open a window with your certificate by clicking on the "View certificate" link:

in the window that pops up after this, enter the password that you have already entered twice at the very beginning and the "Next" button:

And in the next window, admire your certificate, see these very details that are verified in the tax office when receiving documents from you. It looks something like this:

Error generating ES certificate

In the first time after the launch of the tax site, it was quite a frequent occurrence. Then, as it were, everything "settled down". Now such "glitches" began to appear again. For example, I find out about this by looking at the traffic statistics of this blog. It rises sharply. And all at the expense of the article that you are currently reading.

In this regard, I can only say that the point here is most likely not in you and not in the password, but in the congestion of the FTS portal. This is especially evident in the last days submission of tax declarations of organizations and other tax payments of individuals. The lion's share of them usually falls on the first quarter, that is, the beginning of the year.

So if the message "Error generating the electronic signature certificate" appears on your monitor, do not worry too much. Be patient and try this operation again. Better to come back to it another day. Perhaps "glitches" by this time will end and you will be lucky.

What to do if you have forgotten the password to access the certificate of the electronic signature verification key

Don't be upset. Nothing wrong with that. This is not a password from personal account a taxpayer, in case of loss of which, you will have to re-visit the IFTS. This is if you did not bother to set a code word for its recovery by e-mail.

Everything is much simpler here. Pay attention to the bottom window there is a link "Revoke the current certificate". Feel free to click on it and after that create a new certificate and you will have a new password:

their time, and in terms of cost savings. I'm not even talking about the fact that this is a more progressive step in your business. And do not be upset if you have lost the password to the ES certificate, it can always be restored.

Good luck to you! And see you soon on the pages of the PenserMen blog.

This page contains answers to FAQ that arise when working with EDS. Select the question you are interested in, open it and clearly follow the instructions.

WOscripts.com - JavaScript - Contractible Headers Script

1. Obtaining an EDS

To obtain an EDS, you can fill out a registration card on our website (in the section "Receiving EDS"), or on the site where you learned about us, or contact the nearest CA.

When contacting the CA, you must have the following documents with you:

identity documents (standard - a copy of the passport);

documents confirming the existence of the legal entity (TIN certificate, Unified State Register of Legal Entities, etc.);

a power of attorney for the FL on vesting him with the authority to perform certain actions from the organization;

upon receipt of an EDS for the head, an order for appointment to a position (decision on election).

Additional information required by the CA in accordance with its regulations is not regulated by law. In practice, each CA has its own list of documents for obtaining an EDS.

2. EDS does not work

1. The private key on the specified container does not match the public key in the certificate. We check all closed containers, perhaps you have chosen the wrong one. If we do not find desired container, you need to contact the CA to reissue the EDS

2. The certificate is not valid Install the EDS according to the instructions of the CA

3. There is no trust in this certificate. You need to install the root certificates of your CA according to the instructions. To do this, you can download them on the AETP website or find them on digital media supplied with the EDS.

4. CryptoPro has expired You must enter license key CryptoPro programs from the documents supplied with the EDS of your CA.

5. Capicom is not installed Download Capicom and install it with the browser closed and configure the browser according to the instructions of the TP on which you plan to work.

6. No valid certificates were found (or the certificate selection is not displayed)

Produce EDS installation according to the instructions of the CA

Check the expiration date of the certificate (it may have expired)

Install the root certificate of your CA

Install CAPICOM with closed browser

3. Is there a possibility of hacking or counterfeiting the EDS?

According to most experts, it is impossible to forge (hack) an EDS - this requires a huge amount of calculations that cannot be implemented at the current level computing technology and mathematicians for acceptable time, that is, as long as the information contained in the signed document remains relevant.

Additional protection against counterfeiting is provided by certification of the public signature key by the certification authority.

4. An EDS user with administrator rights has quit. How to be?

5. Forgot your EDS password. How to recover a key?

Standard passwords: Rutoken 12345678, Etoken 1234567890

If you have forgotten the password on the Rootken, you need to use the Rutoken console, which is installed along with the driver and is accessible from the Control Panel (Windows). This applies to the case if the User knows the password (pin-code) of the Administrator, and he needs to unlock the token (reset the counter of the number of incorrectly entered passwords to 0).

If the carrier is Etoken, you need to contact the CA.

6. How to digitally sign a word file

Document created in Microsoft Office Word, signed with an EDS, the private key of which is generated EDS means not earlier than Crypto-Pro 3.0. Before signing, you need to check the Crypto-Pro core (Start / Control Panel / Crypto-Pro / General. The tab will indicate the version of Crypto-Pro and then “build” - this is the core). It is advisable to install the latest build product.

Now we sign the document itself

The document must first be saved. In the menu, select Tools / Options / Security / Digital Signatures / Certificate, click "OK" and sign the document. If the certificate is not registered in Personal, the document cannot be signed. Save your document. Select Office Button / Prepare / Add digital signature/ Prescribe the purpose of signing the document (for example, accreditation) / Select a signature / sign. The message "This document contains a digital signature" appears. A red emblem will appear on the panel.

7. Where can I get an EDS for free?

Free EDS is received only by state. organizations in the divisions of the Federal Treasury

8. Can an individual get an electronic signature?

An individual can also receive an EDS. Currently, this service is most in demand for individuals to participate in trading on electronic trading platforms for bankruptcy (sale of bankruptcy property). To receive an EDS individuals you need to contact the CA, having with you:

Passport of a citizen of the Russian Federation;

TIN assignment certificate.

9. Is there a universal EDS for general use?

A universal digital signature that would work on electronic bidding(both state and commercial) and with the help of which it would be possible to file reports, does not exist at the moment.

10. Where to get training on working with EDS?

You can take training at the training center of the Association of Electronic Trading platforms... Seminars are held regularly on the territory of most of the constituent entities of the Russian Federation.

11. How many days does an EDS take?

12. Can I give my EDS to a colleague during my vacation?

No. Responsibility, according to the Federal Law on EDS, is borne personally by its owner.

13. Help! I deleted the signature from the flash drive, what should I do?

Contact the CA for EDS restoration and reissue

14. Will the contract be valid if I sign it today (my EDS expires tomorrow), and my partner in a week (at the time of signing by the partner, my signature will no longer be valid, but when I signed it, it was still working)?

If the document is signed according to all the rules and the EDS validity period at the time of signing has not expired, the agreement will be valid, but it will be impossible to make changes to it after signing.

15. Can a digital signature issued for tax reporting be used on marketplaces?

No. EDS for tax reporting is not suitable for electronic trading.

16. How do you get an EDS?

EDS is received only personally by the owner of the certificate

17. How to rewrite a signature from a disk to a USB flash drive?

Copying the private key container:

To copy the private key container, go to Start - Programs - CryptoPro - CryptoProCSP and go to the Service tab. Click the Copy button.

The system will display the Copy Private Key Container window

In this window, fill in the following input field: Key container name - entered manually or selected from the list by clicking the Browse button

Search options:

The entered name sets the key container - the switch is set to User or Computer, depending on which storage the container is located in;

Select CSP to search for key containers - the required Crypto Service Provider (CSP) is selected from the list provided.

You can also select the container corresponding to the certificate installed in the system. To do this, instead of the Browse button, click By certificate and select from the list of certificates installed in the user's personal stores, or, if you have administrator rights for the local computer, the certificate whose container you want to copy;

If access to private key a password is set, the system will ask you to enter it. Enter your password and click OK.

The system will display the "Copy private key container" window, in which you must enter the name of the new key container and select the check box. The entered name sets the key container to User or Computer, depending on which storage you want to place the copied container in.

After entering, click the Finish button. The system will display a window in which you need to select the media for the copied container.

Insert the media into the reader and click OK. The system will display a window for setting a password to access the private key. Enter the password, confirm it, if necessary, set the Remember password flag (if this flag is set, the password will be saved in a special storage on local computer and when accessing the private key, the password will be automatically read from this store, and not entered by the user).

If you liked the material, you can post a link to it on social networks: