If none of the decisions proposed below cannot resolve the problem, perhaps the key carrier was damaged and requires recovery (see). It is impossible to restore data from a damaged smart card or registry.
If there is a copy of the key container on another media, it is necessary to use it for work, after setting the certificate.
Diskette
If a floppy disk is used as a key container, the following steps must be performed:
1. Make sure that a floppy diskette is a folder containing files: Header, Masks, Masks2, Name, Primary, Primary2. Files must have an extension. Qike, and the folder name format should be as follows: xxxxxx.000.
The closed key container was damaged or removed
2. Make sure that the CSP cryptopro is configured by the "Drive X" reader (for CSP 3.6 cryptopro - "all removable discs"), where the x-letter of the disk. To do this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
?).
3. In the CSP Cryptopro window "Select a key container" set the "Unique names" switch.
4.
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Go to the "Service" tab and click on the "Remove Stoy Passwords" button;
5. How to copy a container with a certificate to another medium?).
Flash-storage
If a flash drive is used as a key media, the following steps must be performed:
1. Make sure that in the root of the media there is a folder containing files: Header, Masks, Masks2, Name, Primary, Primary2 . Files must have extension. Qike, and the folder name format should be as follows: xxxxxx.000 .
If any files are lacking or their format is incorrect, then perhaps the closed key container was damaged or deleted. It is also necessary to check if this folder with six files on other media is not contained.
2. Make sure that the CSP cryptopro is configured by the "Drive X" reader (for CSP 3.6 cryptopro - "All removable discs"), where X is the letter of the disk. To do this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Go to the "Equipment" tab and click on the "Configure Readers" button.
If the reader is absent, it must be added (see how to configure readers in CSP cryptopro?).
3.
4. Remove stored passwords. For this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Mark the "User" point and click on the "OK" button.
5. Make a copy of a key container and use it to work (see how to copy a container with a certificate to another media?).
6. If the CSP cryptopro is installed in the workplace 2.0 or 3.0, and the key carrier A (B) is present in the key carrier list, then it must be deleted. For this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Go to the "Equipment" tab and click on the "Configure Readers;" button
- Select the "Drive A" or "Drive B" reader and click on the Delete button.
After deleting this reader, work with a floppy disk will be impossible.
Rutoken.
If the Rutoken smart card is used as a key media, the following steps must be performed:
1. Make sure that the light bulb is burning onto the router. If the light is not lit, then you should take advantage of the following recommendations.
2. Make sure that the CSP cryptopro is configured by the "Rutoken" reader (for CSP 3.6 cryptopro - "All smart card readers"). To do this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Go to the "Equipment" tab and click on the "Configure Readers" button.
If the reader is absent, it must be added (see how to configure readers in CSP cryptopro?).
3. In the "Select Key Container" window, set the "Unique Names" switches.
4. Remove stored passwords. For this:
- Select the Start menu\u003e Control Panel\u003e CSP Cryptopro ;
- Go to the "Service" tab and click on the "Remove Stoy Passwords" button;
- Mark the "User" point and click on the "OK" button.
5. Update support modules needed to work Rutoken. For this:
- Disable smart card from the computer;
- Select the Start menu\u003e Control Panel\u003e "Install and Delete Programs" (for Windows Vista \\ Seven "Start"\u003e Control Panel\u003e "Programs and Components");
- Select from the "Rutoken Support Modules" from the open list and click on the Delete button.
After removing the modules you need to restart the computer .
- Download and install the latest support modules. Distribution is available for download on the website asset.
After installing the modules, you must restart the computer.
6. You should increase the number of containers displayed in CSP cryptopro on Rutoken using the following instruction .
7. Refresh the Rutoken driver (see how to update the rutoken driver?).
8. You should make sure that the Rutoken contains key containers. To do this, check the amount of free memory on the media by performing the following steps:
- Open "Start" ("Settings")\u003e "Control Panel"\u003e "RuCEN control panel" (if this item is missing, then the Rutoken driver should be updated).
- In the opened window of the control panels of the Ructen in the "Readers" item, you should select "Activ Co. Rutoken 0 (1.2) "and click on the" Information "button.
If the rodule is not visible in the "Reader" paragraph or when you click on the "Information" button, the message "Rutoken Memory Status has not changed", it means that the carrier has been damaged, you must contact the service center for unplanned key replacement.
- Check what value is indicated in the "Free Memory" (byte) string.
As a key carrier in service centers, roculates are issued by the amount of memory of about 30,000 bytes. One container occupies about 4 kb. The volume of free memory of the route containing one container is about 26,000 bytes, two containers - 22,000 bytes and T d.
If the volume of free memory of the route is more than 29-30,000 bytes, then the key containers are missing. Therefore, the certificate is contained on another carrier.
Registry
If the registry reader is used as a key media, you must perform the following steps:
1. Make sure that the CSP cryptopro is configured by the Registry reader. For this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Go to the "Equipment" tab and click on the "Configure Readers" button.
If the reader is absent, it must be added (see how to configure readers in CSP cryptopro?).
2. In the "Select Key Container" window, set the "Unique Names" switches.
3. Remove stored passwords. For this:
- Select the "Start" menu\u003e Control Panel\u003e CSP Cryptopro;
- Go to the tab « Service "and click on the" Remove Stoy Passwords "button;
- Mark the "User" point and click on the "OK" button.
Good day!
I think that almost every user (especially lately) faced an error in the browser that the certificate of such a site is not trusted, and the recommendation is not visiting it.
On the one hand, this is good (after all, the browser, and in general, the popularization of such certificates - provides our security), but on the other - this error sometimes pops up even on very well-known sites (on the same Google).
The essence of what is happening, and what does it mean?
The fact is that when you connect to the site on which the SSL protocol is installed, the server transmits a digital document to the browser ( certificate ) The fact that the site is genuine (and not a fake or a clone of something there ...). By the way, if everything is fine with this site, the browsers are tagged with the "green" lock: the screen below shows how it looks like in Chrome.
However, certificates can produce both well-known organizations (Symantec, Rapidssl, Comodo, etc.) So and in general anyone. Of course, if the browser and your system "does not know" the one who released the certificate (or suspicion of its correctness arises) - then a similar error appears.
Those. I lead to the fact that there may be like very white sites and those that really dangerously attend. Therefore, the appearance of such an error is a reason to carefully look at the address of the site.
Well, in this article, I want to point out several ways to eliminate such an error if it began to appear even on white and well-known sites (for example, on Google, Yandex, VK and many others. They will not refuse to visit?).
How to eliminate a mistake
1) Pay attention to the site address
The first thing to do is just pay attention to the site's address (it is possible that you mistakenly scored the wrong URL). Sometimes this happens on the fault of the server on which the site is located (perhaps, in general, the certificate itself is simply outdated, because it is issued for a certain time). Try to visit other sites if everything is OK with them - then most likely that the problem is not in your system, but from that particular site.
An example of an error "Site Safety Certificate is not trusted"
However, I note that if the error appears on a very well-known site to which you (and many other users) are entirely trusted - then the likelihood of a problem in your system is high ...
2) Check the date and time set in Windows
The second point - a similar error can pop up if you are in the system incorrectly set time or date. For their adjustment and clarification, it is enough to click on the "time" in the Windows taskbar (in the lower right corner of the screen). See Screen below.
After setting the right time, restart the computer and try to re-open the browser and sites in it. The error should disappear.
I also pay attention to the fact that if you are constantly getting off time - you probably have a battery pack on your motherboard. It represents a small "tablet", thanks to which the computer remembers the settings you entered, even if you turn it off from the network (for example, the same date and time are calculated?).
3) Try to update root certificates.
Another option as you can try to solve this problem - set the root certificate update. Updates can be downloaded on Microsoft for different OS. For client OS (i.e., these updates are suitable for the usual home users:
4) Installing "trusted" certificates
This way is though working, but I would like to warn that he "can" become a source of problems in the security of your system. At least resort to this advise only for such major sites like Google, Yandex, etc.
To get rid of an error related to the inaccuracy of the certificate, special should be approached. package GEOTRUST PRIMARY CERTIFICATION AUTHORITY .
By the way, to download Geotrust Primary Certification Authority:
Now you need to install the downloaded certificate. As it is done, I will tell you in the steps just below:
5) Pay attention to antivirus utilities
In some cases, this error may arise due to the fact that some program (for example, antivirus) checks HTTPS traffic. This sees the browser that the came the certificate does not correspond to the address from which it is received and the result is a warning / error ...
Therefore, if you have an antivirus / firewall installed, check and for a while, turn off the HTTPS traffic scan setting (see an example of Avast settings on the screen below).
I have everything on this ...
For additions on the topic - Separate Mercy!
All the best!
Often they are treated with the question, How to install a certificate through cryptoppo CSP. Situations are different: the director or chief of chief, the certificate of the certificate and the like was changed. Everything worked before, and now there is no. We tell you what to do to install a personal digital certificate on a computer.
You can install a personal certificate in two ways:
1. Through the CSP Cryptopro menu "View Certificates in a Container"
2. Through the CSP Cryptopro menu "Install a personal certificate"
If Windows 7 operating system is used in the workplace without SP1, then the certificate should be installed on the recommendations of version number 2.
Option number 1. Install through the "View Certificates in a Container" menu
To establish a certificate:
1. Select Start -\u003e Control Panel -\u003e CSP Cryptopro -\u003e Tool Tab, and click the "View Certificates in Container" button.
2. In the window that opens, click on the "Overview" button. Select the container and confirm your choice by the OK button.
If a message appears "in the closed key container there is no encryption key", go to the installation of a digital certificate according to version 2.
4. If the CSP cryptopro version is installed on your computer 3.6 R2 (Product version 3.6.6497) or higher, then in the window that opens, click on the Set button. After that, agree with the proposal to replace the certificate.
If the "Set" button is missing, in the "Certificate for viewing" window, click the "Properties" button.
5. In the "Certificate" window -\u003e "General" tab, click on the "Install Certificate" button.
6. In the "Certificate Import Master" window, select Next.
7. If you are set up the "CSP cryptopro" version 3.6, then in the next window, it is enough to leave the switch on the "Authority to automatically select a certificate-based storage" and click "Next". The certificate will be automatically installed in the "Personal" storage.
Option 2. Install through the "Install Personal Certificate" menu
You will need a certificate file itself to be installed (with an extension.cer). It can be, for example, on a diskette, on tokenet or on a hard drive of a computer.
To establish a certificate:
1. Select Start -\u003e Control Panel -\u003e CSP Cryptopro -\u003e Tool Service and click the "Install Personal Certificate" button.
2. In the "Personal Certificate Installation Wizard" window, click on the Next button. In the next window, to select the certificate file, click "Overview".
3. Specify the path to the certificate and click on the "Open" button, then "Next".
4. In the next window, you can view the certificate information. Click "Next".
5. In the next step, enter or specify the closed key container that corresponds to the selected certificate. To do this, use the Overview button.
If you have a CSP 3.6 R2 cryptopro version (Product version 3.6.6497) or higher, put the "Install Certificate in Container" flag.
8. Select the "Personal" storage and click OK.
9. The storage you have chosen. Now click "Next", then "Ready". After that, a message may appear:
In this case, click "Yes."
10. Wait for the successful installation of a personal certificate to a computer.
All, you can sign documents using a new certificate.
ATTENTION:
The article is outdated. To work with the portal, the RC statistics no longer require a certificate installed in the browser, the certificate selection occurs through the program.
To send Stat. The accounts in the RK Statistics Committee, electronically, you need to install the EDS certificate in Windows Certificate Storage (Internet Explorer) or the browser itself (Mozilla Firefox).
This method of setting the key is suitable for all browsers, except for Mozilla Firefox, which uses its own certificate store, the installation procedure of the EDS key for this browser is described in this article.
At the moment, the portal of the Statistics Committee of the Republic of Kazakhstan requires the installation of a certificate manually.
To enter the portal, you need to set the first file issued by the EDS - set the Auth_RSA file.
The second file, RSA or GOST (IP or LLP) is used at the time of sending, to sign the finished electronic report for the RK statistics committee.
The default password is the key of the EDS obtained in the Camp - 123456
An example is shown on Windows 10 x64.
Video Lesson: Statistics RK: Installing the EDS Certificate in Internet Explorer Browser
From the author:
If the problem is solved, one of the ways to say "Thank you" to the author, specified -.
If the problem could not be resolved or additional questions appeared, you can ask them on our, in our group.
Or, take advantage of our service "" confidence in the solution of the problem by a specialist.
When you try to enter WebMoney website (as well as any other online service), you can get a message that a security certificate problem for this web site has been detected. To correct the situation, safely and unhindered using the site services, you need to install the root certificate. Consider this process on the example of entering WebMoney through the Internet Explorer browser.
How to install the root certificate?
First of all, you must download the missing file itself. For WebMoney, it is located and distributed free of charge. It is important to receive such files only from official sites or reliable sources to avoid infection with viral programs and protect yourself about intruders. After the certificate is saved on the connected medium:
- open Internet Explorer settings;
- we find the item "Observer Properties";
- we move to the "Content" tab;
- we click on the "Certificates" panel;
- go to "trusted root certification centers";
- click on the "Import ..." button;
- the "Wizard .." window opens to select settings;
- click on the "Next" button;
- click "Overview" and specify the location of the saved certificate;
- click "Open" and "Next";
- confirm the end of the procedure using the "Finish" button.
Errors in the installation of the root certificate
To the root certificate is set correctly, the default certificate store must match the place where you place this file. In the case when the certificate imports were made from another repository department, you need to click on the "Review ..." and specify the "trusted root certification root centers" (as shown in the image). The established certificate is easy to view and check through the "Certificates" browser tab -\u003e "Trusted Root Certificate Centers". The file validity period must expire 10.03.2035.
How to check if the established certificate works? Restart the browser and go to the WebMoney Certification Center page. Security notice should disappear. Installing root certificates for other sites and browsers is performed in the same way, with minimal differences in the interface of the programs used.
The installation is very simple, to start clicking the left mouse button on the link, the plate will appear at the bottom:
Click "Open", after which the window will appear:
The window describes the root certificate and to whom it is issued, make sure to match the image and click "Set the Certificate". The "Certificate Import Master" certificate certificate is launched,
click "Next" and go to the next step.
In the window, we put a circle on the contrary "place all certificates in the next place", click on the "Overview".
Select the certificate store "Trusted root certification centers", as shown in the picture above, click "OK" and get a window:
Click "Next".
We are convinced that everything is the same as in the picture and click "Ready."
Click "OK", congratulations, the certificate is set, you can now open.
Next to the site line of the site will appear, clicking on it, you can see the security report.
P.S. : Unfortunately, Internet Explorer browser, not the best browser for surfing on Internet pages, wines everything - unwillingness to bring a browser to a single standards or a late reaction to new standards. In the latest versions there were cardinal changes, which is a big plus, but still there are moments that can negate the works of web developers. I recommend changing Internet Explorer to something more convenient, fast and safe. Which browser to choose? This is only your choice! Each has its own color sweet). And choose from what - Opera, Google Chrome, Mozilla Firefox, Maxthon 3, Seamonkey and this is not the entire list of popular well-working browsers.