How to copy a public key EDS. How to copy a certificate and private key from the registry. How to copy a certificate from the registry to a USB flash drive

A copy of the EPC will be useful for:

guarantees of signature safety
usability

Some certification authorities provide the service - backup.

Copying of an electronic signature from a protected medium is performed using the CryptoPRO CSP program.

A copy of the EDS is made on a secure medium, such as Rutoken / Etoken. A regular USB stick will not work.

Copy from CryptoPro CSP

First of all, download and install the CryptoPRO CSP program from the licensed site. Insert the EDS carrier into the computer. Start earlier installed program... Open the section - Service → “Copy”.

In the window that appears, select Browse. Select the medium you want to copy → “Ok“ → “Next”. In the line for entering the pin code, insert the pin code from your ES carrier

Give a name to the new container using Russian layout and spaces. Click → “Finish”.

On the line - “Insert a blank key carrier”, Specify empty media. The program will prompt you to set a password. This action is optional. Click → “Ok”. It is worth noting that if you lose your PIN code, you will not be able to use the container. When registering electronic signature on Rutoken, use the pin-code issued by the certification center.

Upon completion of the operation, the window will close. A new container will appear on the carrier, which will be a copy of the EDS.

If at self-creation If there is a problem with a duplicate, you can contact our CA. Our managers will be happy to answer your questions. Contact us!

Almost every organization has some kind of electronic key. They are widespread and without them it is practically impossible to conduct any activity. They are needed to sign documents for submission of reports and for many other things. Therefore, those who serve the IT sphere in the organization need to know what it is. For example, today we'll talk about how to copy a certificate from the registry and transfer it to another computer.

How to copy a certificate from the registry to a USB flash drive

Let's imagine you came to an organization and you need to configure access to a portal for a new employee. Electronic key you do not have and where to get it you do not know. In this case, the easiest way is to copy it from the computer on which it is installed. To do this, take a clean flash drive and launch Crypto Pro. Start - All Programs - Crypto Pro - Certificates. In general, it is better to keep copies of the keys on a separate flash drive in your closet.

In the window that opens, go to the Composition tab and click Copy to file from the bottom.

The certificate export wizard will open on the first tab, click next. You need to specify copy private key or not. We do not need it yet, so we leave everything as it is.

Now we mark the required format of the certificate in most cases, here you need to leave everything by default.

How to copy a private key from the registry

Some certificates require a private key. It can also be copied from the registry to a USB flash drive. This is also done by simply launching Crypto Pro. Go to the service tab and select the Copy item.

Enter a new name and click Finish.

In the window that opens, select the USB flash drive.

As a rule, the digital signature is recorded on a USB-stick. However, if you need to install an EDS from a USB flash drive to a computer, that is, copy the EDS to a computer, find out in this article how to quickly and easily do this.

Copy EDS to computer

Of course, it is not always convenient to carry a USB flash drive with you all the time. It can either become unusable, or it simply may not be at hand at the right time. In this case, the method in which we copy EDS certificate to the computer itself, which later will make it possible to do without a USB drive.

To copy EDS to computer please follow further instructions:

Insert the USB-drive with EDS into the computer and run the program CryptoPro CSP , go to the tab Service and press Copy ....

In the window that opens, select key container, to do this, press the button Overview.

In the opened list of key user containers, select a container and click OK.

After selecting a container, its name will appear in the line Key container name... In the next window, just click Further.

In the next step, you need to specify information about the new container, for which enter Certificate name (come up with any name for the key certificate). Then press the button Ready.

For a newly created container, it is possible to set a new password. If you want to set a password, enter it twice in the appropriate fields. If you do not plan to use a password, leave the fields blank and click OK.

So, we have selected an object for copying, indicated the storage location of the certificate. Now you need to install this certificate.

In the tab Service click View certificates in a container ...

By pressing the button Overview, in the window that opens, if you paid attention, another key container appeared. Select the newly created container and click OK.

After selecting a new container, click Further.

In the window that opens, the certificate for viewing will be indicated. Click on Install.

As a result, after the actions you have taken, a message will appear about the successful installation of the certificate. Click on OK.

Ready. EDS is installed on the computer.

If a floppy disk or flash drive is used for work, copying can be performed Windows tools(this method is suitable for CryptoPro CSP versions not lower than 3.0). The folder with the private key (and the certificate file, if any) must be placed in the root of the floppy disk (flash drive). It is recommended not to change the folder name when copying.

The folder with the private key must contain 6 files with the extension .key. As a rule, in a closed key there is public key(file header.key in this case will weigh more than 1 KB). In this case, copying the public key is optional. An example of a private key is a folder with six files and a public key is a .cer file.

Private key Public key

Copying with CryptoPro CSP

Select Start> Control Panel> CryptoPro CSP. Go to the "Service" tab and click on the "Copy" button.

In the window "Copy the private key container" click on the "Browse" button .

Select the container you want to copy and click on the "Ok" button, then "Next". If you copy from a rootken, an input window will appear, in which you should enter a pin-code. If you haven't changed the pincode on the carrier, the standard pincode is 12345678.

Create and manually specify a name for the new container. Russian layout and spaces are allowed in the container name. Then click Finish.

In the "Insert blank key media" window, select the medium on which the new container will be placed.

The new container will be prompted to set a password. We recommend that you set a password so that it is easy for you to remember it, but outsiders could not guess or guess it. If you do not want to set a password, you can leave the field blank and click "OK".

Do not store your password / pin code in places where unauthorized persons have access. If you lose your password / pin-code, you will not be able to use the container.

If you copy the container to the ruToken smart card, the message sounds different. Enter the pin code in the input window. If you haven't changed the pincode on the carrier, the standard pincode is 12345678.

After copying, the system will return to the "Service" tab of CryptoPro CSP. Copying completed.

If the electronic signature was issued in the register of the PC, then you can copy it to the medium according to the following instructions.

Step 1. Open CryptoPro and go to the "Service" tab, then click on the "Copy" button as shown in the instructions.

Step 2. In the window that appears, click the "Browse" button in order to select the electronic signature container you need to copy.

Step 3. In the list of existing containers that appears, select the container you need, which you need to copy to the media and click the "OK" button.

Step 4. Confirm the action by clicking the "Next" button in the window that appears

Step 5. In the window that appears, specify the name of the new container that will be created on the media. The name in the field is put down automatically, so you can simply leave it alone. Click the Finish button.

Step 6. The media selection window will appear. Select the required medium from the list to which you want to copy the electronic signature. In order to understand which media to choose from the list, look at the field "Inserted media": it will either say "There is no media", which means you have selected a non-existent media, or a media name similar to the name in the screenshot will appear. Select and click OK.

Step 7. After you select the carrier, a window for entering the pin code for the new electronic signature container will appear. We recommend entering the standard pin-code "12345678", because customers often forget or lose their PIN codes, after which the electronic signature has to be reissued. You can ask your (different) PIN code if you are sure that you will not lose it. After entering the pin code, click the "OK" button.