Despite the constant development of technology, Internet systems cannot be completely insured against any overlaps. Errors can occur at any time during operation. This article contains answers to frequently asked questions about errors that are difficult to find solutions.
Errors
As a rule, the matter does not end with one systemic flaw. There is a small list of inaccuracies that a VTB client may encounter at any time.
| How to solve? | What happened? | What is needed for this? |
|---|---|---|
| On one's own | Private key file not specified (incorrect password); | Internet connection |
| CIPF initialization errors; | ||
| An error occurred while creating a key carrier for the cryptographic information protection system; | ||
| Errors when decoding the secret key; | ||
| Error reading key container. | ||
| With the help of VTB specialists | Internal error, please try again later; | Contacting the VTB office with a Russian passport. |
| The user is not connected to any client; | ||
| Authentication error; | ||
| The account is blocked. |
There is a solution for each of the above-located points that can be used by all VTB clients who have encountered a certain problem. So how do you fix the different kinds of errors?
Private key file not specified or incorrect password
This problem occurs:
- When entering a password on the login page. If a problem occurs at this stage, it means that an incorrect password may indeed have been entered. It can be changed; after this procedure, you must enter a username and a new password.
For a solution, it is recommended to check the correctness of the entered password at the entrance: language (RU / ENG), case of letters. It should be remembered that the key decryption code is not recoverable. You can change or change the password for accessing the VTB-Online system.
- After pressing the "Enter" button. An error occurring at this stage indicates corruption of the private key files.
If a saved copy of the key is available, then it will be possible to log in to the system. Additionally, it is recommended to log out to your personal account using the Internet Explorer version 10.0, which should be launched in the "Administrator" mode.
- If the backup copy is missing or does not work, then the client can request a new certificate and save it additionally on another storage medium: a USB flash drive, removable disk.
For its validity in the Personal Account, the certificate must be activated at the VTB branch by submitting the act of entering the Key Certificate at the place of opening the accounts. As a result, the error "The private key file is not set" of the VTB service disappears.
Error during initialization of cryptographic information protection system
This problem occurs if the path to a directory that does not contain the "keys" folder and a bunch of files is entered in the field of the CIPF key carrier directory: kek.opq, mk.db3, masks.db3, rand.opq, request.pem. In this case, the error of accessing an external system also takes place.
How can this problem be dealt with? The main thing is to create another direction in the general directory, where the "keys" folder and all of the above files will be located. If all files are stored on removable media, then the client must register the direction to it.
An error occurred while creating a key carrier for cryptographic information protection
This malfunction can occur for two reasons:
Reason 1: non-existent path. The occurrence of this error informs that the path leads to a directory that does not exist in the system or to the media removed from the device. To solve this problem, you need to look at the direction on the line "Catalog of the CIPF key carrier", which should lead to an empty directory.
Reason 2: the path is write-protected. First, the attributes set in the directory properties are checked, to do this, follow the instructions:
- Click on the desired folder and click select "Tools", the "Properties" tab.
- Go to the "General" tab and select the "Attributes" section.
- Look at the read-only attribute line and make sure there is no bullet next to the line. It can be in the form of a check mark or a green square. If the marker is present, then it must be removed, leaving the square empty.
- Agree to all pop-up system messages and confirm the changes by clicking on the "OK" button.
- Update your personal account by pressing "Ctrl + F5" on the keyboard and specify the direction to the "Catalog of the cryptographic key media" again.
If it is impossible to remove the "Attribute", that is, the actual lack of access to the administrator's functions, you should make a certificate request for a flash drive or request the rights of the system manager.
Internal error, please try again later
The option when the performed operation is temporarily unavailable also takes place. This problem occurs when duplicating accounts. The only solution to this is to contact the VTB department to see specialists.
Error decoding private key
The problem usually occurs when the certificate is saved to the key media. It is possible that the password is entered incorrectly to decrypt the key. To solve it, you need to check the keyboard language, case, correct input. Alternatively, you can write the password in the Russian layout. If you have forgotten it, you can request a new certificate and re-save it to a blank data carrier.
Errors can appear when you click on the floppy disk icon. In this case, you need to check the entire file structure in the directory where the certificate is saved. It should contain the following names: "masks.db3", "rand.opg", "kek.opg", "mk.db3", "request.pem" and a folder "keys" with the file "00000001.key". If the name of the documents in the folder is spelled differently, then you should rename it to the correct one and check if the problem has disappeared.
User is not connected to any client
It is written at the entrance to the Personal Account if the client's account is blocked in the VTB client bank. For a solution, you need to go to a convenient VTB office with a passport.
Authentication error
This information appears on the screen when you try to log in to the Personal Account of a VTB client. If such a problem exists, then with a passport you need to contact bank specialists at the VTB office.
The account is blocked
The user can act in different ways, depending on the information on the screen. If the unlocking time is indicated, then you should wait for this particular time. If you are advised to contact VTB technical support, then you should do just that.
If the client bank is blocked and nothing additional is indicated, then in this case the client must contact the VTB branch personally with a document that will confirm the person's identity, where managers will give recommendations or unblock closed accounts.
Key container read error
Occurs when there is no certificate on the media. To fix it, you need to check the entire directory structure, the shared folder should contain the following documents: "masks.db3", "rand.opg", "kek.opg", "mk.db3", "request.pem" and folders "keys" , "Cert", "CA". If some folders are missing, then go to the VTB LC and re-save the certificate. How to do it? In the field "Catalog of the SKZI key carrier" we indicate the correct path to the root directory with the necessary documents and click on the "Save" button. Then you can try to sign in again.
What is the catalog of the CIPF key carrier?
CIPF is a service that provides electronic encryption of documents. This is usually used to obtain a signature for important information or, conversely, send documents. Where can I get the catalog of the key carrier of the cryptographic protection system? In fact, this is a place for storing electronic keys; in this situation, the keys of the VTB client bank are saved. Store it, preferably on a separate medium: a USB flash drive, disk or on an internal drive.
Instructions for creating cryptographic keys
How to create a secret key in VTB client bank? To begin with, you enter the client bank using the link; at the initial login, the system may suggest installing an ActiveX control to protect information. After installing the component, you need to set up your personal account for registering the organization in the VTB banking system.
To create private keys, you need to obtain a certificate:
- Log in to the online office;
- The reader (password generator) can generate a login code if used by the client. If there is one, then it is necessary to press the "B" button on the device and the automatic generator will generate a code.
- Receive an SMS with a one-time code to the phone number linked to the VTB LC.
- The password at the first login must be changed in the settings from temporary to permanent and more secure.
In LC VTB you can create a certificate. Storage space must be found in advance on a USB flash drive or computer.
Please note that only one certificate should be stored in one folder, without residual other files. Otherwise, you will get an error related to the VTB bank-client. To do this, on the "Request a new certificate" tab, you must specify the path to the folder in which the keys are stored.
When a message from the computer “Generator initialization” appears, you need to move the mouse in a random order.
Upon completion, a new decryption input window will appear with a request to enter a new password for the secret key. It must be remembered; attention is also paid to the case of letters and the language of the keyboard.
Next, the creation of the certificate is completed. It will be available in the "Requests" section, where VTB will automatically transfer the client. After receiving the certificate, a message appears about sending data to the bank.
Generation of VTB keys
To create a unique key, you need to install the Quik VTB software (publisher of Step Up inc), which is needed to create secret keys.
- We launch the application on a PC and at the initial stage, the application asks us to show the path to the location of the codes, the client name and password with which we will open the service. If the client password specified at this stage is lost, the encryption key is created again and from the very beginning, since this password cannot be recovered.
- The second step is to confirm the password.
- In the next window, the parameters of the key being created are checked. If everything is correct, press the "Next" button.
- Then a message appears about the input of random numbers. You do not need to remember the data entered into the line. We finish the work with the "Install" button.
After creation, you can click the "Finish" button and finish working with crypto keys. Now we send the e-key document for registration to the email address: [email protected] but for security reasons a file called sekring.txk is not sent. The letter contains the full details of the owner, the agreement number specified in the notice, clause 2, and the file pubring.txk.
We are waiting for the bank's response, we print the applications from the response letter and put signatures at any VTB office in the presence of a bank specialist.
What if a VTB client has forgotten the secret key password?
Unfortunately, it is not possible to reissue or change the password for the certificate in the VTB online client. To work, you need to resave the document itself, then the electronic keys will be updated.
If problems arise in a VTB client bank, not all users can cope with the solution on their own. And with such cases, you can contact the technical support hotline for advice from operators, name your authorization data and calmly use the solutions of specialists.
Organizations and individual entrepreneurs working with the EGAIS alcohol system often have problems with the UTM EGAIS services related to the operation of the built-in anti-virus protection system "Windows Defender".
How do you diagnose the problem?
The transport service of the UTM EGAIS does not start, however, in the service logs located in the file C: \ UTM \ transporter \ l \ transport_info.log, an error message appears, such as this:
ERROR es.programador.transport.Transport - Error initializing and starting transportjava.lang.NoClassDefFoundError: es / programador / transport / b / a
at es.programador.transport.Transport.main (Unknown Source)
Caused by: java.lang.ClassNotFoundException: es.programador.transport.b.a
at java.net.URLClassLoader.findClass (Unknown Source)
at sun.misc.Launcher $ AppClassLoader.loadClass (Unknown Source)
at java.lang.ClassLoader.loadClass (Unknown Source)
... 1 more
At the same time, the following security event message can be found in the Windows Defender log:
If you see such errors / messages, then you need to configure Windows Defender to work with UTM EGAIS.
How to configure Windows Defender to work with UTM EGAIS?
First, let's open Windows Defender. In the Windows 10 operating system, it will open by clicking on the white shield icon in the system tray:
In the window that opens, select "Protection against viruses and other threats", as shown in the figure:
Now you need to find the "Exceptions" section and click "Add an exception":
Add the folder with the installed UTM EGAIS to the exceptions, as shown in the figure:
After adding the folder with the installed UTM EGAIS to the exclusions, you can close Windows Defender.
If you yourself cannot cope with the Windows Defender setting (to add exceptions for UTM EGAIS), ... We usually complete this task in 5-10 minutes (depending on the speed of your Internet connection).
UTM recovery after failure
Restoring UTM after being cured by Windows Defender is possible only after adding the UTM folder to the exception!
There are 2 options for restoring UTM:
- recovery of deleted files using Windows Defender;
- reinstallation of UTM EGAIS.
In practice, the first option does not guarantee 100% performance after a failure, so we recommend reinstalling the UTM.
Reinstallation of UTM EGAIS
If the article helped, you can say Thank you to the author.
Before version 3.0.8, many people have this error:
The error UTM 3.0.8 is fixed like this
For Rutoken 2.0 in the configuration files in UTM replace the following lines:
gost.pkcs11.library.path = C \: \\ Windows \\ System32 \\ rtPKCS11ECP.dll
gost.library.path = C \: \\ Windows \\ System32 \\ rttranscrypt.dll
rsa.library.path = C \: \\ Windows \\ System32 \\ rtPKCS11ECP.dll
on those:
rsa.library.path = C: \\ Windows \\ System32 \\ rtPKCS11ECP-replica.dll
gost.library.path = C: \\ Windows \\ System32 \\ libtranscrypt.dll
gost.pkcs11.library.path = C: \\ Windows \\ System32 \\ rtPKCS11ECP.dll
Accordingly for win 64 change the name of the System32 folder
If all else fails then try reinstalling UTM -
UTM EGAIS does not start. Blocking by antivirus
rtpkcs11ecp-replica.dll access denied
Recently, it was noticed that anti-virus programs began to block UTM files, mistaking them for viruses.
This situation occurs on computers with Windows Defender installed, in Windows 10 it is installed by default.
Also, problems with UTM occur on a PC with MS Security Essentials antivirus installed.
To launch UTM it is enough to restore files from quarantine and add antivirus to the exclusion.
How to find out why UTM EGAIS does not work?
Where to find the cause of the malfunction?
If your UTM stops working or is unstable (it constantly turns off, the connection with the EGAIS is lost), then you need to determine the cause of the malfunction.
All errors about a malfunction UTM writes in the log files of its services. As a rule, it is enough to look at the log files of the update service and transport to diagnose the problem.
The log files of these services are located here:
- C: \ UTM \ updater \ l \ update.log- update service log
- C: \ UTM \ transporter \ l \ transport_info.log- transport service log
The specified files are opened by the Notepad program, which is a standard MS Windows program. Files usually contain a lot of textual information, so the file can be large.
The log files contain a lot of information that helps to identify malfunctions of the UTM EGAIS. Each step of the UTM operation is recorded in them, and in case of an error, detailed information about the error is displayed.
The latest events of UTM EGAIS are at the end of the file, so if you have a crash, then to identify the error:
- - open and scroll the file to the very end;
- - look for the line with the inscription ERROR and the error description, as in the example below.
Having the text of the error on hand, it is possible to fix UTM malfunctions quite quickly and even without the involvement of specialists.
It doesn't matter which key (Rutoken, JaCarta or another) you use, what operating system you have on your computer, wholesaler or retail ... UTM will inform you about all problems directly to the log files, even if it could not start.
Examples of on how to find an error in the UTM and fix it yourself
An example of error detection # 1.
For example, in your file C: \ UTM \ transporter \ l \ transport_info.log at the very end of the file there is information about the error:
2018-09-24 10: 16: 28,057 INFO ru.centerinform.crypto.c - Crypto library initialization
2018-09-24 10:16:28,171 ERROR ru.centerinform.crypto.c - Crypto library initialization error
sun.security.pkcs11.wrapper.PKCS11Exception: CKR_USER_ALREADY_LOGGED_IN b>
at sun.security.pkcs11.wrapper.PKCS11.C_Login (Native Method)
at sun.security.pkcs11.wrapper.PKCS11 $ SynchronizedPKCS11.C_Login (PKCS11.java:1599)
at ru.centerinform.crypto.j.a (Unknown Source)
According to this error, the UTM has operational problems that occurred on September 24, 2018 at 10:16 am, in particular, the UTM stops with the error CKR_USER_ALREADY_LOGGED_IN.
An example of error detection # 2... We solve the problem ourselves.
For example, in the file C: \ UTM \ transporter \ l \ transport_info.log at the very end of the file there is information about the error:
2018-09-26 15: 36: 59,766 ERROR es.programador.transport.h.e - Error while receiving and reading documents from the EGAIS server
com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: javax.net.ssl.SSLException: java.security.ProviderException: Token has been removed
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.getOutput (Unknown Source)
at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.process (Unknown Source)
at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.processRequest (Unknown Source)
at com.sun.xml.internal.ws.transport.DeferredTransportPipe.processRequest (Unknown Source)
...According to this error, the UTM has operational problems that occurred on September 26, 2018 at 1536 hours, in particular, the Token has been removed error is displayed in the UTM logs.
Even a shallow knowledge of a foreign language can suggest that, most likely, UTM for some reason does not see the key for EGAIS.
You should make sure that the key is actually connected to the computer and its light is on (or blinking). If the key is really connected and the light is on, then disconnect the key from the computer and reconnect it - after a few minutes, the error usually disappears.
Error " Token has been removed"very widespread. Our technical support is constantly faced with it, any user can diagnose and fix it on their own.
If you get an error " unknown function details undefined applet false"and does not let you into EGAIS, then leave a request with your contact information in technical support - >>
- Check the functionality of your Internet connection.
- Check your operating system version. The Client-Bank system page will not be displayed on Windows XP Service Pack 2 and lower operating systems, as well as on Windows Server 2003 without the latest updates installed.
- In Internet Explorer go to "Tools" → "Browser options" → "Advanced"... In the window that opens, check the boxes opposite the items containing the abbreviation " TLS"And uncheck the boxes next to the items containing" SSL».
- Press the key combination Ctrl + F5... The page will be refreshed to clear the cache.
- Check the spelling of the address of the Client-Bank system page. In the address bar, delete all information after .ru and press Enter.
Check if you entered your username and password correctly. We recommend that you pay attention to the input parameters: the current input language and pressing the Caps Lock key. Try to enter the password in a text document, check it visually and copy it into the password field in the system.
This error can be displayed for the following reasons:
- The validity period of the ES keys has expired.
- The term of office of the director / general has expired. director specified in the bank card of the organization.
- You have not yet performed the initial generation of new keys.
- You have just done the initial generation of new keys and clicked the button " Further". At this point, the keys are not yet ready. To produce keys, you need to print an application for the production of a public key certificate and submit it to the Bank's office serving your accounts.
To clarify the detailed information on this error, contact the technical support service.
Make sure that in the settings of the parameters of the subscriber key carriers you have specified the path only to the directory with the secret keys. All other lines must be blank:
- Make sure you are logged in using the Internet Explorer browser.
- Add the address of the Client-Bank system site to the list of sites working in compatibility mode.
- In the Internet Explorer browser, click on the " Service"In the top bar (if there are no buttons, press the Alt on the keyboard until the strip with the buttons " File», « Edit», « View" etc.).
- Then select the item " Compatibility View options».
- In the window that opens, enter the website address in the top line site and press the buttons " Add" and " Close».
- Restart your browser for the changes to take effect.
- In Internet Explorer, press the key combination " Ctrl + Shift + Delete". In the window that opens, check the boxes only opposite the items “ Temporary Internet Files" and " Cookies"And press the button" Delete».
- Perform a general reset of browser settings.
- Close all Internet Explorer windows and go to " Control Panel» → « Browser propertiesNetworks and the Internet»).
- Additionally"And press the button" Reset».
- Delete personal settings"And press the button" Reset».
Windows Vista, Windows 7:
- Start».
- Select " Control Panel» → « Browser properties"(May be in the section" Networks and the Internet»).
- In the window that opens, go to the " Additionally"And press the button" Reset».
- In the window that opens, do not check the box “ Delete personal settings"And press the button" Reset».
- After the reset is complete, restart your computer for the changes to take effect.
Windows 8-10:
- Start»With the right mouse button.
- Select " Control Panel» → « Browser properties"(May be in the section" Networks and the Internet»).
- In the window that opens, go to the " Additionally"And press the button" Reset».
- In the window that opens, do not check the box “ Delete personal settings"And press the button" Reset».
- After the reset is complete, restart your computer for the changes to take effect.
Errors when generating new keys
This error is due to the fact that the system cannot access the selected key storage location.
If you did not receive a USB device (eToken) at the bank office:
- When filling in the generation parameters in the field " Key storage location"Specify" Disk drive". In field " Catalog»Specify the location for storing the keys. We strongly recommend, in order to avoid mistakes when creating keys, DO NOT USE for storing keys, the system drive (local drive C: \) and folders stored on it (including Desktop, Documents, etc.).
- Check if the directory that was selected for storing private keys in the " Key storage location».
- Check if the Flash media you are using is working properly.
If you are using eToken:
Errors when working in the Bank-Client system
Windows Vista, Windows 7:
- Close all Internet Explorer windows and go to the " Start».
- Select " Control Panel» → « Browser properties"(May be in the section" Networks and the Internet»).
- In the window that opens, go to the " Additionally"And press the button" Reset».
- In the window that opens, do not check the box “ Delete personal settings"And press the button" Reset».
- After the reset is complete, restart your computer for the changes to take effect.
Windows 8-10:
- Close all Internet Explorer windows and click on the " Start»With the right mouse button.
- Select " Control Panel» → « Browser properties"(May be in the section" Networks and the Internet»).
- In the window that opens, go to the " Additionally"And press the button" Reset».
- In the window that opens, do not check the box “ Delete personal settings"And press the button" Reset».
- After the reset is complete, restart your computer for the changes to take effect.
Thank you very much, Mikhail, we did everything promptly and the main thing is clear to me ... Since we have found a common language. I would like to continue the communication with you in the future. I look forward to fruitful cooperation.
Olesya Mikhailovna - General Director LLC "VKS"
On behalf of the State Unitary Enterprise "Sevastopol Aviation Enterprise" we express our gratitude for the professionalism and efficiency of your company! We wish your company continued prosperity!
Guskova Lilia Ivanovna - manager. SUE "SAP"
Thank you, Mikhail, very much for your help with the design. Very qualified employee +5!
Nadia Shamilevna - entrepreneur IP Anoshkina
On behalf of the company "AKB-Auto" and on my own behalf, I express my gratitude to you and all employees of your company for the productive and high-quality work, sensitive attitude to the client's requirements and efficiency in the execution of the ordered work.
Nasibullina Alfira - Senior Manager"AKB-Auto"
I would like to thank the consultant Mikhail for the excellent work, timely and complete consultations. He is very attentive to the client's problems and questions, prompt solution of the most difficult situations, it would seem to me. It's a pleasure to work with Mikhail !!! Now I will recommend your company to my clients and friends. And the technical support consultants are also very polite, attentive, helped to cope with the complex installation of the key. Thank you!!!
Olga Sevostyanova.
Acquiring a key turned out to be very easy and even enjoyable. Many thanks for the assistance to manager Mikhail. Explains complex and massive things to understand, succinctly, but very clearly. In addition, I called the free hotline and online, together with Mikhail I left a request. I got a key made in 2 working days. In general, I recommend it if you save your time, but at the same time want to have an understanding of what you buy and what you pay for. Thank you.
Levitsky Alexander Konstantinovich Samara
Personal gratitude to the consultant Mikhail Vladimirovich for prompt advice and work on the accelerated receipt of the ES certificate. During the preliminary consultation, the optimal set of individual services is selected. The end result is immediate.
Stoyanova N.L. - Chief Accountant LLC "SITEKRIM"
Thank you for your prompt work and competent help! I was very pleased with the consultation!
Dmitry Fomin
Expert Sistema LLC would like to thank the consultant Mikhail for the prompt work! We wish your company growth and prosperity!
Sukhanova M.S. - AppraiserLLC "Expert System", Volgograd
Thanks to the consultant who introduced himself as Mikhail for his prompt work with clients.
Stepan Gennadievich Ponomarev
Many thanks to the consultant Mikhail for his assistance in obtaining an EDS. For prompt work and advice on issues arising in the process of registration.
Leonid Nekrasov
The company, represented by its consultant Mikhail, does the impossible! Acceleration of accreditation in less than 1 hour! Payment upon delivery of the service. I thought it couldn't happen. With full responsibility, I can advise you to contact the Center for issuing electronic signatures.