Статус: Новичок
Группы: Участники
Зарегистрирован: 07.12.2017(UTC) Сообщений: 7
Сказал(а) «Спасибо»: 2 раз
|
Добрый день. Плагин не видит сертификат Окружение: Ubuntu 16.10 Chrome 55.0.2883.87 КриптоПро Browser Plugin 2.0 КриптоПро CSP 4.0 Добавила в доверенные: Код:root@venera:/opt/cprocsp/bin/amd64# /opt/cprocsp/sbin/amd64/cpconfig -ini "\config\cades\trustedsites" -add multistring "TrustedSites" "http://www.cryptopro.ru" "https://www.cryptopro.ru"
Создаю контейнер: Код:oot@venera:/opt/cprocsp/bin/amd64# ./csptest -keyset -provtype 75 -newkeyset -cont '\\.\HDIMAGE\test'
CSP (Type:75) v4.0.9016 KC1 Release Ver:4.0.9929 OS:Linux CPU:AMD64 FastCode:READY:AVX.
AcquireContext: OK. HCRYPTPROV: 23417731
GetProvParam(PP_NAME): Crypto-Pro GOST R 34.10-2001 KC1 CSP
Container name: "test"
Signature key is not available.
Attempting to create a signature key...
CPCSP: Signing with GOST R 34.10-2001 keys is not allowed from January 1st, 2019. We highly recommend moving to GOST R 34.10-2012 keys in advance.
Generate a GOST R 34.10-2001 key?
(o)OK, (c)Cancel
o
Press keys...
[..........................................................................]
hoCryptoPro CSP: Set password on produced container "test".
Password:
Retype password:
a signature key created.
Exchange key is not available.
Attempting to create an exchange key...
Press keys...
[..........................................................................]
an exchange key created.
Keys in container:
signature key
exchange key
Extensions:
OID: 1.2.643.2.2.37.3.9
OID: 1.2.643.2.2.37.3.10
Total: SYS: 0,020 sec USR: 0,080 sec UTC: 30,930 sec
[ErrorCode: 0x00000000]
Создаю запрос: Код:root@venera:/opt/cprocsp/bin/amd64# ./cryptcp -creatrqst -dn "E=mask.ple@gmail.com, C=RU, CN=Test2 Marina, SN=Test2" -nokeygen -both -ku -cont 'test' test333.req
CryptCP 4.0 (c) "Crypto-Pro", 2002-2017.
Command prompt Utility for file signature and encryption.
CryptoPro CSP: Type password for container "test"
Password:
Request is saved in file.
[ReturnCode: 0]
Созданный запрос ввожу в "Отправить готовый запрос PKCS#10 или PKCS#7 в кодировке Base64" (тестовый удостоверяющий центр КриптоПро) Загрузила цепочку сертификатов. Устанавливаю сертификат клиента: Код:root@venera:/opt/cprocsp/bin/amd64# ./certmgr -inst -file /home/venera/Загрузки/last.p7b -store uMy -cont '\\.\HDIMAGE\test'
Certmgr 1.0 (c) "CryptoPro", 2007-2010.
program for managing certificates, CRLs and stores
=============================================================================
1-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Serial : 0x2B6E3351FD6EB2AD48200203CB5BA141
SHA1 Hash : 046255290b0eb1cdd1797d9ab8c81f699e3687f3
SubjKeyID : 15317cb08d1ade66d7159c4952971724b9017a83
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 05/08/2014 13:44:24 UTC
Not valid after : 05/08/2019 13:54:03 UTC
PrivateKey Link : No
2-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=mask.ple@gmail.com, C=RU, CN=Test2 Marina, SN=Test2
Serial : 0x1200237DBF8B1187115FF6256F000000237DBF
SHA1 Hash : 950d52e416d3a5461ff378c1c9f328c762e56b5d
SubjKeyID : 1cffc65a160aeac254a9aa32f40bd3e128a4bdbb
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 09/12/2017 22:27:24 UTC
Not valid after : 09/03/2018 22:37:24 UTC
PrivateKey Link : No
CA cert URL : http://testca.cryptopro.ru/CertEnroll/test-ca-2014_CRYPTO-PRO%20Test%20Center%202.crt
OCSP URL : http://testca.cryptopro.ru/ocsp/ocsp.srf
CDP : http://testca.cryptopro.ru/CertEnroll/CRYPTO-PRO%20Test%20Center%202.crl
Extended Key Usage : 1.3.6.1.5.5.7.3.4
=============================================================================
Please choose index
2
Install:
=============================================================================
1-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=mask.ple@gmail.com, C=RU, CN=Test2 Marina, SN=Test2
Serial : 0x1200237DBF8B1187115FF6256F000000237DBF
SHA1 Hash : 950d52e416d3a5461ff378c1c9f328c762e56b5d
SubjKeyID : 1cffc65a160aeac254a9aa32f40bd3e128a4bdbb
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 09/12/2017 22:27:24 UTC
Not valid after : 09/03/2018 22:37:24 UTC
PrivateKey Link : No
CA cert URL : http://testca.cryptopro.ru/CertEnroll/test-ca-2014_CRYPTO-PRO%20Test%20Center%202.crt
OCSP URL : http://testca.cryptopro.ru/ocsp/ocsp.srf
CDP : http://testca.cryptopro.ru/CertEnroll/CRYPTO-PRO%20Test%20Center%202.crl
Extended Key Usage : 1.3.6.1.5.5.7.3.4
=============================================================================
[ErrorCode: 0x00000000]
Устанавливаю корневой сертификат: Код:root@venera:/opt/cprocsp/bin/amd64# /opt/cprocsp/bin/ia32/certmgr -inst -file /home/venera/Загрузки/last.p7b -store uRoot
bash: /opt/cprocsp/bin/ia32/certmgr: Нет такого файла или каталога
root@venera:/opt/cprocsp/bin/amd64# ./certmgr -inst -file /home/venera/Загрузки/last.p7b -store uRoot
Certmgr 1.0 (c) "CryptoPro", 2007-2010.
program for managing certificates, CRLs and stores
=============================================================================
1-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Serial : 0x2B6E3351FD6EB2AD48200203CB5BA141
SHA1 Hash : 046255290b0eb1cdd1797d9ab8c81f699e3687f3
SubjKeyID : 15317cb08d1ade66d7159c4952971724b9017a83
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 05/08/2014 13:44:24 UTC
Not valid after : 05/08/2019 13:54:03 UTC
PrivateKey Link : No
2-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=mask.ple@gmail.com, C=RU, CN=Test2 Marina, SN=Test2
Serial : 0x1200237DBF8B1187115FF6256F000000237DBF
SHA1 Hash : 950d52e416d3a5461ff378c1c9f328c762e56b5d
SubjKeyID : 1cffc65a160aeac254a9aa32f40bd3e128a4bdbb
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 09/12/2017 22:27:24 UTC
Not valid after : 09/03/2018 22:37:24 UTC
PrivateKey Link : No
CA cert URL : http://testca.cryptopro.ru/CertEnroll/test-ca-2014_CRYPTO-PRO%20Test%20Center%202.crt
OCSP URL : http://testca.cryptopro.ru/ocsp/ocsp.srf
CDP : http://testca.cryptopro.ru/CertEnroll/CRYPTO-PRO%20Test%20Center%202.crl
Extended Key Usage : 1.3.6.1.5.5.7.3.4
=============================================================================
Please choose index
1
Install:
=============================================================================
1-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Serial : 0x2B6E3351FD6EB2AD48200203CB5BA141
SHA1 Hash : 046255290b0eb1cdd1797d9ab8c81f699e3687f3
SubjKeyID : 15317cb08d1ade66d7159c4952971724b9017a83
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 05/08/2014 13:44:24 UTC
Not valid after : 05/08/2019 13:54:03 UTC
PrivateKey Link : No
=============================================================================
[ErrorCode: 0x00000000]
Если посмотреть на сертификаты клиента и корневой: Код:root@venera:/opt/cprocsp/bin/amd64# ./certmgr --list -store root
Certmgr 1.0 (c) "CryptoPro", 2007-2010.
program for managing certificates, CRLs and stores
WARNING: Legacy parameter: "-store root"
=============================================================================
1-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Serial : 0x2B6E3351FD6EB2AD48200203CB5BA141
SHA1 Hash : 046255290b0eb1cdd1797d9ab8c81f699e3687f3
SubjKeyID : 15317cb08d1ade66d7159c4952971724b9017a83
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 05/08/2014 13:44:24 UTC
Not valid after : 05/08/2019 13:54:03 UTC
PrivateKey Link : No
=============================================================================
[ErrorCode: 0x00000000]
Код:root@venera:/opt/cprocsp/bin/amd64# ./certmgr --list -store my
Certmgr 1.0 (c) "CryptoPro", 2007-2010.
program for managing certificates, CRLs and stores
WARNING: Legacy parameter: "-store my"
=============================================================================
1-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : E=mask.ple@gmail.com, C=RU, CN=Test2 Marina, SN=Test2
Serial : 0x1200237DBF8B1187115FF6256F000000237DBF
SHA1 Hash : 950d52e416d3a5461ff378c1c9f328c762e56b5d
SubjKeyID : 1cffc65a160aeac254a9aa32f40bd3e128a4bdbb
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 09/12/2017 22:27:24 UTC
Not valid after : 09/03/2018 22:37:24 UTC
PrivateKey Link : Yes
Container : HDIMAGE\\test.000\2EF8
Provider Name : Crypto-Pro GOST R 34.10-2001 KC1 CSP
Provider Info : ProvType: 75, KeySpec: 1, Flags: 0x0
CA cert URL : http://testca.cryptopro.ru/CertEnroll/test-ca-2014_CRYPTO-PRO%20Test%20Center%202.crt
OCSP URL : http://testca.cryptopro.ru/ocsp/ocsp.srf
CDP : http://testca.cryptopro.ru/CertEnroll/CRYPTO-PRO%20Test%20Center%202.crl
Extended Key Usage : 1.3.6.1.5.5.7.3.4
2-------
Issuer : E=support@cryptopro.ru, C=RU, L=Moscow, O=CRYPTO-PRO LLC, CN=CRYPTO-PRO Test Center 2
Subject : CN=Marina test1, E=mask.ple@gmail.com
Serial : 0x1200237DBD2D19DE538DC883E7000000237DBD
SHA1 Hash : 974b17339afa5564275b91bdebd2b58698912cc3
SubjKeyID : 1cffc65a160aeac254a9aa32f40bd3e128a4bdbb
Signature Algorithm : ГОСТ Р 34.11/34.10-2001
PublicKey Algorithm : ГОСТ Р 34.10-2001 (512 bits)
Not valid before : 09/12/2017 21:26:32 UTC
Not valid after : 09/03/2018 21:36:32 UTC
PrivateKey Link : Yes
Container : HDIMAGE\\test.000\2EF8
Provider Name : Crypto-Pro GOST R 34.10-2001 KC1 CSP
Provider Info : ProvType: 75, KeySpec: 1, Flags: 0x0
CA cert URL : http://testca.cryptopro.ru/CertEnroll/test-ca-2014_CRYPTO-PRO%20Test%20Center%202.crt
OCSP URL : http://testca.cryptopro.ru/ocsp/ocsp.srf
CDP : http://testca.cryptopro.ru/CertEnroll/CRYPTO-PRO%20Test%20Center%202.crl
Extended Key Usage : 1.3.6.1.5.5.7.3.4
1.3.6.1.5.5.7.3.2
1.3.6.1.4.1.311.10.3.12
=============================================================================
[ErrorCode: 0x00000000]
В браузере отображается "Плагин загружен" и отображается версия криптопровайдера. Но при загрузке страницы вылезает диалог "Certificate not found". И информации о сертификате нет, естественно. С чем может быть проблема с подгрузкой сертификата? Может, какие-то права? Snimok ehkrana ot 2017-12-10 01-47-20.png (199kb) загружен 17 раз(а).Заранее благодарю за совет.
|