int44.zakupki.gov.ru #464
Description
Добрый день.
Пытаюсь наладить работу с сервисом отдачи дотументов сайта госзакупок.
Если я отправляю запрос на корень сайта (где не идет проверка цифровой подписи), то все рабаотает
(echo -en "GET / HTTP/1.1\nHost: int44.zakupki.gov.ru\nUser-Agent: curl/8.5.0\nAccept: */*\n\n") | openssl s_client -cipher 'LEGACY-GOST2012-GOST8912-GOST8912' -tls1_2 -connect 94.25.27.252:443 -servername int44.zakupki.gov.ru -quiet -crlf -trace
Sent Record
Header:
Version = TLS 1.0 (0x301)
Content Type = Handshake (22)
Length = 146
......
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 87
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 357
HTTP/1.1 200 OK
Date: Mon, 14 Oct 2024 09:51:12 GMT
Server: Apache
Set-Cookie: _usertrack=931f3e1b.6246cc6e6f2a1; path=/; domain=.zakupki.gov.ru
Last-Modified: Fri, 15 Jul 2022 11:14:54 GMT
ETag: "2d-5e3d620a8e780"
Accept-Ranges: bytes
Content-Length: 45
Vary: User-Agent
Content-Type: text/html
<html><body><h1>It works!</h1></body></html>
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Alert (21)
Length = 6
Level=warning(1), description=close notify(0)
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Alert (21)
Length = 6
Level=warning(1), description=close notify(0)
Если я начинаю отправлять запросы на адрес, где идет проверка элекстронной цифровой подписи, то работать перестает и я не знаю как подступится к решению.
На windows + yandex браузер все работает
Вот кусок из Wireshark
ЗАПРОС ЯНДЕКС БРАУЗЕРА
=======================================
Frame 8: 181 bytes on wire (1448 bits), 181 bytes captured (1448 bits) on interface \Device\NPF_{FFF41D36-4E05-4E64-99E7-77CB59DDE4A7}, id 0
Ethernet II, Src: MicroStarINT_63:7b:eb (8c:89:a5:63:7b:eb), Dst: Routerboardc_dd:9c:8d (d4:ca:6d:dd:9c:8d)
Internet Protocol Version 4, Src: 192.168.0.45, Dst: 94.25.27.252
Transmission Control Protocol, Src Port: 28082, Dst Port: 443, Seq: 1, Ack: 1, Len: 127
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 122
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 118
Version: TLS 1.2 (0x0303)
Random: 67077edffcf34f9a2cf4ee5cdc10270dc6bee137869ad9ffda25d27241ccabe1
GMT Unix Time: Oct 10, 2024 10:14:39.000000000 RTZ 2 (зима)
Random Bytes: fcf34f9a2cf4ee5cdc10270dc6bee137869ad9ffda25d27241ccabe1
Session ID Length: 0
Cipher Suites Length: 10
Cipher Suites (5 suites)
Cipher Suite: TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC (0xc100)
Cipher Suite: TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC (0xc101)
Cipher Suite: TLS_GOSTR341112_256_WITH_28147_CNT_IMIT (0xc102)
Cipher Suite: Unknown (0xff85)
Cipher Suite: TLS_GOSTR341001_WITH_28147_CNT_IMIT (0x0081)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
Extensions Length: 67
Extension: renegotiation_info (len=1)
Type: renegotiation_info (65281)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
Extension: status_request (len=5)
Type: status_request (5)
Length: 5
Certificate Status Type: OCSP (1)
Responder ID list Length: 0
Request Extensions Length: 0
Extension: session_ticket (len=0)
Type: session_ticket (35)
Length: 0
Session Ticket: <MISSING>
Extension: server_name (len=25) name=int44.zakupki.gov.ru
Type: server_name (0)
Length: 25
Server Name Indication extension
Server Name list length: 23
Server Name Type: host_name (0)
Server Name length: 20
Server Name: int44.zakupki.gov.ru
Extension: extended_master_secret (len=0)
Type: extended_master_secret (23)
Length: 0
Extension: signature_algorithms (len=12)
Type: signature_algorithms (13)
Length: 12
Signature Hash Algorithms Length: 10
Signature Hash Algorithms (5 algorithms)
[JA4: t12d050600_cbd4d4a1dd58_7372bd63c07d]
[JA4_r: t12d050600_0081,c100,c101,c102,ff85_0005,000d,0017,0023,ff01_eeee,0840,efef,0841,eded]
[JA3 Fullstring: 771,49408-49409-49410-65413-129,65281-5-35-0-23-13,,]
[JA3: 5aac373b5ec7f89463a0402223787a33]
ОТВЕТ СЕРВЕРА ЯНДЕКС БРАУЗЕР
========================================
Frame 10: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface \Device\NPF_{FFF41D36-4E05-4E64-99E7-77CB59DDE4A7}, id 0
Ethernet II, Src: Routerboardc_dd:9c:8d (d4:ca:6d:dd:9c:8d), Dst: MicroStarINT_63:7b:eb (8c:89:a5:63:7b:eb)
Internet Protocol Version 4, Src: 94.25.27.252, Dst: 192.168.0.45
Transmission Control Protocol, Src Port: 443, Dst Port: 28082, Seq: 1, Ack: 128, Len: 1460
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 53
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 49
Version: TLS 1.2 (0x0303)
Random: b4c2366a8c1ff0b0139a08cba09ccca300d9c628c699e3ec14890d66e96f7ba3
GMT Unix Time: Feb 5, 2066 23:19:54.000000000 RTZ 2 (зима)
Random Bytes: 8c1ff0b0139a08cba09ccca300d9c628c699e3ec14890d66e96f7ba3
Session ID Length: 0
Cipher Suite: Unknown (0xff85)
Compression Method: null (0)
Extensions Length: 9
Extension: renegotiation_info (len=1)
Type: renegotiation_info (65281)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
Extension: session_ticket (len=0)
Type: session_ticket (35)
Length: 0
Session Ticket: <MISSING>
[JA3S Fullstring: 771,65413,65281-35]
[JA3S: 118ff544d792261b76b44c8daef0f068]
TLS segment data (1402 bytes)
Тут я обратил внимание на неизвестный шифр Cipher Suite: Unknown (0xff85) который сайт и браузер выбирают для общения
А тот же запрос через openssh заказчивается неудачей
(echo -en "GET /eis-integration/services-mis/getDocsMis?wsdl HTTP/1.1\nHost: int44.zakupki.gov.ru\nUser-Agent: curl/8.5.0\nAccept: */*\n\n") | openssl s_client -cipher 'LEGACY-GOST2012-GOST8912-GOST8912' -tls1_2 -connect 94.25.27.252:443 -servername int44.zakupki.gov.ru -quiet -crlf -trace
Sent Record
Header:
Version = TLS 1.0 (0x301)
Content Type = Handshake (22)
Length = 146
ClientHello, Length=142
client_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x3F47B5FA
random_bytes (len=28): A7199D3678A53AD388F28629BC01D904B33ABAFD08692E6E7360E5A9
session_id (len=0):
cipher_suites (len=4)
{0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
{0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
compression_methods (len=1)
No Compression (0x00)
extensions, length = 97
extension_type=server_name(0), length=25
0000 - 00 17 00 00 14 69 6e 74-34 34 2e 7a 61 6b 75 .....int44.zaku
000f - 70 6b 69 2e 67 6f 76 2e-72 75 pki.gov.ru
extension_type=session_ticket(35), length=0
extension_type=encrypt_then_mac(22), length=0
extension_type=extended_master_secret(23), length=0
extension_type=signature_algorithms(13), length=52
ecdsa_secp256r1_sha256 (0x0403)
ecdsa_secp384r1_sha384 (0x0503)
ecdsa_secp521r1_sha512 (0x0603)
ed25519 (0x0807)
ed448 (0x0808)
rsa_pss_pss_sha256 (0x0809)
rsa_pss_pss_sha384 (0x080a)
rsa_pss_pss_sha512 (0x080b)
rsa_pss_rsae_sha256 (0x0804)
rsa_pss_rsae_sha384 (0x0805)
rsa_pss_rsae_sha512 (0x0806)
rsa_pkcs1_sha256 (0x0401)
rsa_pkcs1_sha384 (0x0501)
rsa_pkcs1_sha512 (0x0601)
ecdsa_sha224 (0x0303)
rsa_pkcs1_sha224 (0x0301)
dsa_sha224 (0x0302)
dsa_sha256 (0x0402)
dsa_sha384 (0x0502)
dsa_sha512 (0x0602)
gost2012_256 (0x0840)
gost2012_512 (0x0841)
gost2012_256 (0xeeee)
gost2012_512 (0xefef)
gost2001_gost94 (0xeded)
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 53
ServerHello, Length=49
server_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x85939739
random_bytes (len=28): 7DB4E3F9E745D4D91D91986A55DBFCA7767ED27BF7B6D83CB2A42486
session_id (len=0):
cipher_suite {0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
compression_method: No Compression (0x00)
extensions, length = 9
extension_type=renegotiate(65281), length=1
<EMPTY>
extension_type=session_ticket(35), length=0
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 5655
Certificate, Length=5651
certificate_list, length=5648
ASN.1Cert, length=2229
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f9:96:28:57:74:4e:70:de:be:a9:a8:fe:1d:aa:32:7e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = uc_fk@roskazna.ru, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: May 2 08:12:20 2024 GMT
Not After : Jul 26 08:12:20 2025 GMT
Subject: C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = ababochenko@roskazna.ru, CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:993A5FE1A85BA48A71D47E1E5C503721B6D8FF1BAECE377359EEA7BE11C87F4
Y:EDA6BD45F35169F54C029500EE645464159F791E2E09CC365F7552010765968F
Parameter set: id-GostR3410-2001-CryptoPro-XchA-ParamSet
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement
X509v3 Subject Alternative Name:
DNS:*.zakupki.gov.ru, DNS:zakupki.gov.ru
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
1.2.643.100.114:
...
Signing Tool of Subject:
"КриптоПро CSP" (версия 4.0)
Signing Tool of Issuer:
signTool : Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
cATool : Программно-аппаратный комплекс «Юнисерт-ГОСТ». Версия 4.0
signToolCert: Cертификат соответствия №СФ/124-4328 от 29.08.2022
cAToolCert : Заключение на средство УЦ №149/7/6/213 от 30.03.2023
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.roskazna.ru/crl/ucfk_2023.crl
Full Name:
URI:http://crl.fk.local/crl/ucfk_2023.crl
Authority Information Access:
CA Issuers - URI:http://crl.roskazna.ru/crl/ucfk_2023.crt
CA Issuers - URI:http://crl.fk.local/crl/ucfk_2023.crt
X509v3 Subject Key Identifier:
21:92:6D:E9:0C:D6:1A:68:CB:78:F9:46:DA:82:F5:C7:33:BE:13:55
X509v3 Authority Key Identifier:
keyid:A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
DirName:/emailAddress=dit@digital.gov.ru/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:F0:A9:E2:89:00:00:00:00:07:9E
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
df:3e:23:61:de:24:31:28:c7:b7:27:63:1d:d7:e2:27:19:92:
3e:d3:f2:2e:58:3a:52:e6:54:b8:0c:c7:97:c0:4b:06:da:23:
43:ed:3e:3e:ed:b3:18:45:6e:1c:da:6c:9d:c9:f8:e7:3c:7d:
57:3c:d1:d9:da:b8:e2:95:c5:f9
-----BEGIN CERTIFICATE-----
MIIIsTCCCF6gAwIBAgIRAPmWKFd0TnDevqmo/h2qMn4wCgYIKoUDBwEBAwIwggFX
MSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYGA1UECAwPNzcg
0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAWBgUqhQNkARIN
MTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg0JfQu9Cw0YLQ
vtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQtC4gNiwg0YHR
gtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMQswCQYD
VQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDAeFw0yNDA1MDIwODEyMjBaFw0yNTA3MjYwODEyMjBaMIIBaTELMAkG
A1UEBhMCUlUxGTAXBgNVBAgMENCzLiDQnNC+0YHQutCy0LAxVzBVBgNVBAkMTtCR
0L7Qu9GM0YjQvtC5INCX0LvQsNGC0L7Rg9GB0YLQuNC90YHQutC40Lkg0L/QtdGA
0LXRg9C70L7QuiDQtNC+0LwgNiDRgdGC0YAuMTEZMBcGA1UEBwwQ0LMuINCc0L7R
gdC60LLQsDE4MDYGA1UECgwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ0JfQ
ndCQ0KfQldCZ0KHQotCS0J4xGDAWBgUqhQNkARINMTA0Nzc5NzAxOTgzMDEVMBMG
BSqFA2QEEgo3NzEwNTY4NzYwMSYwJAYJKoZIhvcNAQkBFhdhYmFib2NoZW5rb0By
b3NrYXpuYS5ydTE4MDYGA1UEAwwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ
0JfQndCQ0KfQldCZ0KHQotCS0J4wZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggq
hQMHAQECAgNDAARA9Icc4XvqnjV34+y68Y9tG3IDxeXhRx2nSLqFGv6lkwmPlmUH
AVJ1XzbMCS4eeZ8VZFRk7gCVAkz1aVHzRb2m7aOCBOYwggTiMA4GA1UdDwEB/wQE
AwID+DArBgNVHREEJDAighAqLnpha3Vwa2kuZ292LnJ1gg56YWt1cGtpLmdvdi5y
dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0gBBYwFDAIBgYq
hQNkcQEwCAYGKoUDZHECMAwGBSqFA2RyBAMCAQAwNgYFKoUDZG8ELQwrItCa0YDQ
uNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gNC4wKTCCAaIGBSqFA2Rw
BIIBlzCCAZMMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/QsNGA0LDRgtC9
0YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2VydmljZSAo0L3QsCDQ
sNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUgSFNNIDIwMDBR
MikMaNCf0YDQvtCz0YDQsNC80LzQvdC+LdCw0L/Qv9Cw0YDQsNGC0L3Ri9C5INC6
0L7QvNC/0LvQtdC60YEgwqvQrtC90LjRgdC10YDRgi3Qk9Ce0KHQosK7LiDQktC1
0YDRgdC40Y8gNC4wDE1D0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC
0YHRgtCy0LjRjyDihJbQodCkLzEyNC00MzI4INC+0YIgMjkuMDguMjAyMgxO0JfQ
sNC60LvRjtGH0LXQvdC40LUg0L3QsCDRgdGA0LXQtNGB0YLQstC+INCj0KYg4oSW
MTQ5LzcvNi8yMTMg0L7RgiAzMC4wMy4yMDIzMGYGA1UdHwRfMF0wLqAsoCqGKGh0
dHA6Ly9jcmwucm9za2F6bmEucnUvY3JsL3VjZmtfMjAyMy5jcmwwK6ApoCeGJWh0
dHA6Ly9jcmwuZmsubG9jYWwvY3JsL3VjZmtfMjAyMy5jcmwwdwYIKwYBBQUHAQEE
azBpMDQGCCsGAQUFBzAChihodHRwOi8vY3JsLnJvc2them5hLnJ1L2NybC91Y2Zr
XzIwMjMuY3J0MDEGCCsGAQUFBzAChiVodHRwOi8vY3JsLmZrLmxvY2FsL2NybC91
Y2ZrXzIwMjMuY3J0MB0GA1UdDgQWBBQhkm3pDNYaaMt4+UbagvXHM74TVTCCAXcG
A1UdIwSCAW4wggFqgBSnC5Uob5/kS4pRgLKFH4lK/OfwnKGCAUOkggE/MIIBOzEh
MB8GCSqGSIb3DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEY
MBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMVMwUQYDVQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQ
tdC20L3QsNGPLCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UE
Cgwd0JzQuNC90YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0
NzcwMjAyNjcwMTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC4
0L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuIILAPCp4okAAAAAB54wCgYIKoUDBwEB
AwIDQQDfPiNh3iQxKMe3J2Md1+InGZI+0/IuWDpS5lS4DMeXwEsG2iND7T4+7bMY
RW4c2mydyfjnPH1XPNHZ2rjilcX5
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=2045
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f0:a9:e2:89:00:00:00:00:07:9e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Mar 21 15:00:46 2023 GMT
Not After : Mar 21 15:00:46 2038 GMT
Subject: emailAddress = uc_fk@roskazna.ru, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:A6D0255C31AB8300024BC917D6FD2A29D5912B13CF7D44B8E76DD0ADBFAE12D7
Y:4F24F8FB04CD5AC581540C7517789314A6FBBA082FF0CFD6BA21B444E816F055
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Signing Tool of Subject:
Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
1.2.643.100.114:
...
X509v3 Authority Key Identifier:
keyid:C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
DirName:/emailAddress=dit@digital.gov.ru/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:95:1F:A3:47:7C:61:04:3A:AD:FA:85:86:27:82:34:42
X509v3 Subject Key Identifier:
A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
X509v3 CRL Distribution Points:
Full Name:
URI:http://reestr-pki.ru/cdp/guc2022.crl
Full Name:
URI:http://company.rt.ru/cdp/guc2022.crl
Full Name:
URI:http://rostelecom.ru/cdp/guc2022.crl
Authority Information Access:
CA Issuers - URI:http://reestr-pki.ru/cdp/guc2022.crt
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
40:45:f2:ba:ef:53:81:29:41:42:42:dd:32:0a:68:de:f9:69:
a5:c7:45:70:7f:7a:21:4b:53:df:39:94:3a:1c:d0:2f:8d:1e:
df:20:0c:ac:1f:fa:76:20:a6:88:67:ec:a5:61:a4:73:cf:0a:
04:cb:b0:98:7a:68:7c:58:dc:70
-----BEGIN CERTIFICATE-----
MIIH+TCCB6agAwIBAgILAPCp4okAAAAAB54wCgYIKoUDBwEBAwIwggE7MSEwHwYJ
KoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJVMRgwFgYD
VQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQutCy0LAx
UzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXRgNC10LbQ
vdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYDVQQKDB3Q
nNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0xMDQ3NzAy
MDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc0LjQvdGG
0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIzMDMyMTE1MDA0NloXDTM4MDMyMTE1
MDA0NlowggFXMSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYG
A1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAW
BgUqhQNkARINMTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg
0JfQu9Cw0YLQvtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQ
tC4gNiwg0YHRgtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMQswCQYDVQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDBmMB8GCCqFAwcBAQEBMBMGByqFAwICIwEGCCqFAwcB
AQICA0MABEDXEq6/rdBt57hEfc8TK5HVKSr91hfJSwIAg6sxXCXQplXwFuhEtCG6
1s/wLwi6+6YUk3gXdQxUgcVazQT7+CRPo4IEYjCCBF4wEgYDVR0TAQH/BAgwBgEB
/wIBADCBlAYFKoUDZG8EgYoMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/Q
sNGA0LDRgtC90YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2Vydmlj
ZSAo0L3QsCDQsNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUg
SFNNIDIwMDBRMikwDgYDVR0PAQH/BAQDAgHGMCcGA1UdIAQgMB4wCAYGKoUDZHEB
MAgGBiqFA2RxAjAIBgYqhQNkcQMwDAYFKoUDZHIEAwIBATCCAX0GA1UdIwSCAXQw
ggFwgBTJE1ixTKdiOn7SPzym5xR8nXCjhqGCAUOkggE/MIIBOzEhMB8GCSqGSIb3
DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwP
Nzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMVMwUQYD
VQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQtdC20L3QsNGP
LCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UECgwd0JzQuNC9
0YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcw
MTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC40L3RhtC40YTR
gNGLINCg0L7RgdGB0LjQuIIRAJUfo0d8YQQ6rfqFhieCNEIwHQYDVR0OBBYEFKcL
lShvn+RLilGAsoUfiUr85/CcMIGPBgNVHR8EgYcwgYQwKqAooCaGJGh0dHA6Ly9y
ZWVzdHItcGtpLnJ1L2NkcC9ndWMyMDIyLmNybDAqoCigJoYkaHR0cDovL2NvbXBh
bnkucnQucnUvY2RwL2d1YzIwMjIuY3JsMCqgKKAmhiRodHRwOi8vcm9zdGVsZWNv
bS5ydS9jZHAvZ3VjMjAyMi5jcmwwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzAC
hiRodHRwOi8vcmVlc3RyLXBraS5ydS9jZHAvZ3VjMjAyMi5jcnQwgfUGBSqFA2Rw
BIHrMIHoDDTQn9CQ0JrQnCDCq9Ca0YDQuNC/0YLQvtCf0YDQviBIU03CuyDQstC1
0YDRgdC40LggMi4wDEPQn9CQ0JogwqvQk9C+0LvQvtCy0L3QvtC5INGD0LTQvtGB
0YLQvtCy0LXRgNGP0Y7RidC40Lkg0YbQtdC90YLRgMK7DDXQl9Cw0LrQu9GO0YfQ
tdC90LjQtSDihJYgMTQ5LzMvMi8yLzIzINC+0YIgMDIuMDMuMjAxOAw00JfQsNC6
0LvRjtGH0LXQvdC40LUg4oSWIDE0OS83LzYtNDQ5INC+0YIgMzAuMTIuMjAyMTAK
BggqhQMHAQEDAgNBAEBF8rrvU4EpQUJC3TIKaN75aaXHRXB/eiFLU985lDoc0C+N
Ht8gDKwf+nYgpohn7KVhpHPPCgTLsJh6aHxY3HA=
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=1365
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
95:1f:a3:47:7c:61:04:3a:ad:fa:85:86:27:82:34:42
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Jan 8 13:32:39 2022 GMT
Not After : Jan 8 13:32:39 2040 GMT
Subject: emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:DDFC283E51F6E01AAF8F7F83BFAB16DF6E33F6BC76BF5A8C0B8F6B1DA46B4A5A
Y:8E40EAA6F495DB554F1B5AEC630C4368EEA22F99206AF749196EADE3C247F46E
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signing Tool of Subject:
ПАКМ «КриптоПро HSM» версии 2.0
1.2.643.100.114:
...
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
Policy: Class of Signing Tool KB1
Policy: Class of Signing Tool KB2
Policy: X509v3 Any Policy
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
82:49:78:48:0a:0d:d2:67:f4:d3:0a:d4:49:a4:11:6e:5c:64:
b2:dc:f7:99:4c:47:8e:c1:d3:87:22:fd:2d:5a:23:76:ab:49:
8f:47:30:7f:a3:aa:fd:31:78:c6:a9:dc:df:60:6b:42:ae:ad:
65:e4:5b:17:64:e2:39:73:fd:92
-----BEGIN CERTIFICATE-----
MIIFUTCCBP6gAwIBAgIRAJUfo0d8YQQ6rfqFhieCNEIwCgYIKoUDBwEBAwIwggE7
MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJV
MRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQ
utCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXR
gNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYD
VQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0x
MDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc
0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIyMDEwODEzMzIzOVoXDTQw
MDEwODEzMzIzOVowggE7MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3Yu
cnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNV
BAcMENCzLiDQnNC+0YHQutCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQ
utCw0Y8g0L3QsNCx0LXRgNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7Q
tdC90LjQtSAyMSYwJAYDVQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQ
uDEYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQz
NzUxJjAkBgNVBAMMHdCc0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MGYwHwYI
KoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIDQwAEQFpKa6Qda48LjFq/drz2
M27fFqu/g3+Prxrg9lE+KPzdbvRHwuOtbhlJ92ogmS+i7mhDDGPsWhtPVduV9Kbq
QI6jggHQMIIBzDCB9QYFKoUDZHAEgeswgegMNNCf0JDQmtCcIMKr0JrRgNC40L/R
gtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAMQ9Cf0JDQmiDCq9CT0L7Q
u9C+0LLQvdC+0Lkg0YPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3R
gtGAwrsMNdCX0LDQutC70Y7Rh9C10L3QuNC1IOKEliAxNDkvMy8yLzIvMjMg0L7R
giAwMi4wMy4yMDE4DDTQl9Cw0LrQu9GO0YfQtdC90LjQtSDihJYgMTQ5LzcvNi00
NDkg0L7RgiAzMC4xMi4yMDIxMD8GBSqFA2RvBDYMNNCf0JDQmtCcIMKr0JrRgNC4
0L/RgtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAwDAYFKoUDZHIEAwIB
ADBDBgNVHSAEPDA6MAgGBiqFA2RxATAIBgYqhQNkcQIwCAYGKoUDZHEDMAgGBiqF
A2RxBDAIBgYqhQNkcQUwBgYEVR0gADAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
BAUwAwEB/zAdBgNVHQ4EFgQUyRNYsUynYjp+0j88pucUfJ1wo4YwCgYIKoUDBwEB
AwIDQQCCSXhICg3SZ/TTCtRJpBFuXGSy3PeZTEeOwdOHIv0tWiN2q0mPRzB/o6r9
MXjGqdzfYGtCrq1l5FsXZOI5c/2S
-----END CERTIFICATE-----
------------------
depth=2 emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify error:num=19:self-signed certificate in certificate chain
verify return:1
depth=2 emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=1 emailAddress = uc_fk@roskazna.ru, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=0 C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = ababochenko@roskazna.ru, CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
verify return:1
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 4
ServerHelloDone, Length=0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 179
ClientKeyExchange, Length=175
KeyExchangeAlgorithm=GOST
GostKeyTransportBlob (len=175): 3081AC3081A93028042061C9A9224EE73816D3006A120FD8A3A69CBECD64E7A8B82D7F0AE3CCA57B17D50404158B21F1A07D06092A8503070102050101A066301F06082A85030701010101301306072A85030202240006082A85030701010202034300044018DFCE9E05B7EE7850D54FCF0B535A5A1FE5EE8CD5A392A5DEB4CED34E592C350F2109CDF3A02F47E5E8C81A504F1AD4CE98171A39DD2425319BB7123D29CC01040803E7B811EBF942B0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ChangeCipherSpec (20)
Length = 1
change_cipher_spec (1)
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 20
Finished, Length=12
verify_data (len=12): 7BB91ACD5C01353AC9B4A7E0
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 218
NewSessionTicket, Length=214
ticket_lifetime_hint=300
ticket (len=208): 2AFF6EE305579708A0C661AF7D998213AB15405B7A7EE197882745CE1C395DC6F4A8102DB76CB81DCCA74E0230DE006AD00BDF5038386C2980E8A37B3A41A39B5F4D1D780CF30724DB36254402D66C0EFFFEB12A35F11C7B19C5086004D360379B2320FD4CD1FAC906394B8EF8C5BCA00EABE35D1E91835FB23AB8B8B747DF18DF22AC21316044121F34F6C866BD157127DDF3611E5EDAEE7766B0D32323E47F75924453FFFA88055E8A044E87B6A5592F75648900B1A8F65BB6130CA7FBF9EF3FF0DE464DA2873850A5CEFDA771BA58
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ChangeCipherSpec (20)
Length = 1
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 20
Finished, Length=12
verify_data (len=12): 65879304E18110BA0D26EFC6
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 131
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 8
HelloRequest, Length=0
Unsupported, hex dump follows:
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 405
ClientHello, Length=397
client_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x14908EBD
random_bytes (len=28): 1279EF6323772168CF0CEF071E07D6B29DFF5F21A2E47A6FEC5F401B
session_id (len=32): FF817399ACB4AB691A5400B724239EAF7DA5DAEFED99A2C1560460DA8C08998A
cipher_suites (len=2)
{0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
compression_methods (len=1)
No Compression (0x00)
extensions, length = 322
extension_type=renegotiate(65281), length=13
client_verify_data (len=12): 7BB91ACD5C01353AC9B4A7E0
extension_type=server_name(0), length=25
0000 - 00 17 00 00 14 69 6e 74-34 34 2e 7a 61 6b 75 .....int44.zaku
000f - 70 6b 69 2e 67 6f 76 2e-72 75 pki.gov.ru
extension_type=session_ticket(35), length=208
ticket (len=208): 2AFF6EE305579708A0C661AF7D998213AB15405B7A7EE197882745CE1C395DC6F4A8102DB76CB81DCCA74E0230DE006AD00BDF5038386C2980E8A37B3A41A39B5F4D1D780CF30724DB36254402D66C0EFFFEB12A35F11C7B19C5086004D360379B2320FD4CD1FAC906394B8EF8C5BCA00EABE35D1E91835FB23AB8B8B747DF18DF22AC21316044121F34F6C866BD157127DDF3611E5EDAEE7766B0D32323E47F75924453FFFA88055E8A044E87B6A5592F75648900B1A8F65BB6130CA7FBF9EF3FF0DE464DA2873850A5CEFDA771BA58
extension_type=encrypt_then_mac(22), length=0
extension_type=extended_master_secret(23), length=0
extension_type=signature_algorithms(13), length=52
ecdsa_secp256r1_sha256 (0x0403)
ecdsa_secp384r1_sha384 (0x0503)
ecdsa_secp521r1_sha512 (0x0603)
ed25519 (0x0807)
ed448 (0x0808)
rsa_pss_pss_sha256 (0x0809)
rsa_pss_pss_sha384 (0x080a)
rsa_pss_pss_sha512 (0x080b)
rsa_pss_rsae_sha256 (0x0804)
rsa_pss_rsae_sha384 (0x0805)
rsa_pss_rsae_sha512 (0x0806)
rsa_pkcs1_sha256 (0x0401)
rsa_pkcs1_sha384 (0x0501)
rsa_pkcs1_sha512 (0x0601)
ecdsa_sha224 (0x0303)
rsa_pkcs1_sha224 (0x0301)
dsa_sha224 (0x0302)
dsa_sha256 (0x0402)
dsa_sha384 (0x0502)
dsa_sha512 (0x0602)
gost2012_256 (0x0840)
gost2012_512 (0x0841)
gost2012_256 (0xeeee)
gost2012_512 (0xefef)
gost2001_gost94 (0xeded)
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 81
ServerHello, Length=73
server_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0xC5B2AA6A
random_bytes (len=28): 6C283D9E420DD4AF41D8169688F4586D2481CF3F086B595A4B5F103C
session_id (len=0):
cipher_suite {0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
compression_method: No Compression (0x00)
extensions, length = 33
extension_type=renegotiate(65281), length=25
client_verify_data (len=12): 7BB91ACD5C01353AC9B4A7E0
server_verify_data (len=12): 65879304E18110BA0D26EFC6
extension_type=session_ticket(35), length=0
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 5659
Certificate, Length=5651
certificate_list, length=5648
ASN.1Cert, length=2229
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f9:96:28:57:74:4e:70:de:be:a9:a8:fe:1d:aa:32:7e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = uc_fk@roskazna.ru, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: May 2 08:12:20 2024 GMT
Not After : Jul 26 08:12:20 2025 GMT
Subject: C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = ababochenko@roskazna.ru, CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:993A5FE1A85BA48A71D47E1E5C503721B6D8FF1BAECE377359EEA7BE11C87F4
Y:EDA6BD45F35169F54C029500EE645464159F791E2E09CC365F7552010765968F
Parameter set: id-GostR3410-2001-CryptoPro-XchA-ParamSet
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement
X509v3 Subject Alternative Name:
DNS:*.zakupki.gov.ru, DNS:zakupki.gov.ru
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
1.2.643.100.114:
...
Signing Tool of Subject:
"КриптоПро CSP" (версия 4.0)
Signing Tool of Issuer:
signTool : Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
cATool : Программно-аппаратный комплекс «Юнисерт-ГОСТ». Версия 4.0
signToolCert: Cертификат соответствия №СФ/124-4328 от 29.08.2022
cAToolCert : Заключение на средство УЦ №149/7/6/213 от 30.03.2023
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.roskazna.ru/crl/ucfk_2023.crl
Full Name:
URI:http://crl.fk.local/crl/ucfk_2023.crl
Authority Information Access:
CA Issuers - URI:http://crl.roskazna.ru/crl/ucfk_2023.crt
CA Issuers - URI:http://crl.fk.local/crl/ucfk_2023.crt
X509v3 Subject Key Identifier:
21:92:6D:E9:0C:D6:1A:68:CB:78:F9:46:DA:82:F5:C7:33:BE:13:55
X509v3 Authority Key Identifier:
keyid:A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
DirName:/emailAddress=dit@digital.gov.ru/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:F0:A9:E2:89:00:00:00:00:07:9E
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
df:3e:23:61:de:24:31:28:c7:b7:27:63:1d:d7:e2:27:19:92:
3e:d3:f2:2e:58:3a:52:e6:54:b8:0c:c7:97:c0:4b:06:da:23:
43:ed:3e:3e:ed:b3:18:45:6e:1c:da:6c:9d:c9:f8:e7:3c:7d:
57:3c:d1:d9:da:b8:e2:95:c5:f9
-----BEGIN CERTIFICATE-----
MIIIsTCCCF6gAwIBAgIRAPmWKFd0TnDevqmo/h2qMn4wCgYIKoUDBwEBAwIwggFX
MSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYGA1UECAwPNzcg
0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAWBgUqhQNkARIN
MTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg0JfQu9Cw0YLQ
vtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQtC4gNiwg0YHR
gtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMQswCQYD
VQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDAeFw0yNDA1MDIwODEyMjBaFw0yNTA3MjYwODEyMjBaMIIBaTELMAkG
A1UEBhMCUlUxGTAXBgNVBAgMENCzLiDQnNC+0YHQutCy0LAxVzBVBgNVBAkMTtCR
0L7Qu9GM0YjQvtC5INCX0LvQsNGC0L7Rg9GB0YLQuNC90YHQutC40Lkg0L/QtdGA
0LXRg9C70L7QuiDQtNC+0LwgNiDRgdGC0YAuMTEZMBcGA1UEBwwQ0LMuINCc0L7R
gdC60LLQsDE4MDYGA1UECgwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ0JfQ
ndCQ0KfQldCZ0KHQotCS0J4xGDAWBgUqhQNkARINMTA0Nzc5NzAxOTgzMDEVMBMG
BSqFA2QEEgo3NzEwNTY4NzYwMSYwJAYJKoZIhvcNAQkBFhdhYmFib2NoZW5rb0By
b3NrYXpuYS5ydTE4MDYGA1UEAwwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ
0JfQndCQ0KfQldCZ0KHQotCS0J4wZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggq
hQMHAQECAgNDAARA9Icc4XvqnjV34+y68Y9tG3IDxeXhRx2nSLqFGv6lkwmPlmUH
AVJ1XzbMCS4eeZ8VZFRk7gCVAkz1aVHzRb2m7aOCBOYwggTiMA4GA1UdDwEB/wQE
AwID+DArBgNVHREEJDAighAqLnpha3Vwa2kuZ292LnJ1gg56YWt1cGtpLmdvdi5y
dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0gBBYwFDAIBgYq
hQNkcQEwCAYGKoUDZHECMAwGBSqFA2RyBAMCAQAwNgYFKoUDZG8ELQwrItCa0YDQ
uNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gNC4wKTCCAaIGBSqFA2Rw
BIIBlzCCAZMMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/QsNGA0LDRgtC9
0YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2VydmljZSAo0L3QsCDQ
sNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUgSFNNIDIwMDBR
MikMaNCf0YDQvtCz0YDQsNC80LzQvdC+LdCw0L/Qv9Cw0YDQsNGC0L3Ri9C5INC6
0L7QvNC/0LvQtdC60YEgwqvQrtC90LjRgdC10YDRgi3Qk9Ce0KHQosK7LiDQktC1
0YDRgdC40Y8gNC4wDE1D0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC
0YHRgtCy0LjRjyDihJbQodCkLzEyNC00MzI4INC+0YIgMjkuMDguMjAyMgxO0JfQ
sNC60LvRjtGH0LXQvdC40LUg0L3QsCDRgdGA0LXQtNGB0YLQstC+INCj0KYg4oSW
MTQ5LzcvNi8yMTMg0L7RgiAzMC4wMy4yMDIzMGYGA1UdHwRfMF0wLqAsoCqGKGh0
dHA6Ly9jcmwucm9za2F6bmEucnUvY3JsL3VjZmtfMjAyMy5jcmwwK6ApoCeGJWh0
dHA6Ly9jcmwuZmsubG9jYWwvY3JsL3VjZmtfMjAyMy5jcmwwdwYIKwYBBQUHAQEE
azBpMDQGCCsGAQUFBzAChihodHRwOi8vY3JsLnJvc2them5hLnJ1L2NybC91Y2Zr
XzIwMjMuY3J0MDEGCCsGAQUFBzAChiVodHRwOi8vY3JsLmZrLmxvY2FsL2NybC91
Y2ZrXzIwMjMuY3J0MB0GA1UdDgQWBBQhkm3pDNYaaMt4+UbagvXHM74TVTCCAXcG
A1UdIwSCAW4wggFqgBSnC5Uob5/kS4pRgLKFH4lK/OfwnKGCAUOkggE/MIIBOzEh
MB8GCSqGSIb3DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEY
MBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMVMwUQYDVQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQ
tdC20L3QsNGPLCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UE
Cgwd0JzQuNC90YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0
NzcwMjAyNjcwMTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC4
0L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuIILAPCp4okAAAAAB54wCgYIKoUDBwEB
AwIDQQDfPiNh3iQxKMe3J2Md1+InGZI+0/IuWDpS5lS4DMeXwEsG2iND7T4+7bMY
RW4c2mydyfjnPH1XPNHZ2rjilcX5
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=2045
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f0:a9:e2:89:00:00:00:00:07:9e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Mar 21 15:00:46 2023 GMT
Not After : Mar 21 15:00:46 2038 GMT
Subject: emailAddress = uc_fk@roskazna.ru, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:A6D0255C31AB8300024BC917D6FD2A29D5912B13CF7D44B8E76DD0ADBFAE12D7
Y:4F24F8FB04CD5AC581540C7517789314A6FBBA082FF0CFD6BA21B444E816F055
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Signing Tool of Subject:
Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
1.2.643.100.114:
...
X509v3 Authority Key Identifier:
keyid:C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
DirName:/emailAddress=dit@digital.gov.ru/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:95:1F:A3:47:7C:61:04:3A:AD:FA:85:86:27:82:34:42
X509v3 Subject Key Identifier:
A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
X509v3 CRL Distribution Points:
Full Name:
URI:http://reestr-pki.ru/cdp/guc2022.crl
Full Name:
URI:http://company.rt.ru/cdp/guc2022.crl
Full Name:
URI:http://rostelecom.ru/cdp/guc2022.crl
Authority Information Access:
CA Issuers - URI:http://reestr-pki.ru/cdp/guc2022.crt
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
40:45:f2:ba:ef:53:81:29:41:42:42:dd:32:0a:68:de:f9:69:
a5:c7:45:70:7f:7a:21:4b:53:df:39:94:3a:1c:d0:2f:8d:1e:
df:20:0c:ac:1f:fa:76:20:a6:88:67:ec:a5:61:a4:73:cf:0a:
04:cb:b0:98:7a:68:7c:58:dc:70
-----BEGIN CERTIFICATE-----
MIIH+TCCB6agAwIBAgILAPCp4okAAAAAB54wCgYIKoUDBwEBAwIwggE7MSEwHwYJ
KoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJVMRgwFgYD
VQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQutCy0LAx
UzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXRgNC10LbQ
vdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYDVQQKDB3Q
nNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0xMDQ3NzAy
MDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc0LjQvdGG
0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIzMDMyMTE1MDA0NloXDTM4MDMyMTE1
MDA0NlowggFXMSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYG
A1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAW
BgUqhQNkARINMTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg
0JfQu9Cw0YLQvtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQ
tC4gNiwg0YHRgtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMQswCQYDVQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDBmMB8GCCqFAwcBAQEBMBMGByqFAwICIwEGCCqFAwcB
AQICA0MABEDXEq6/rdBt57hEfc8TK5HVKSr91hfJSwIAg6sxXCXQplXwFuhEtCG6
1s/wLwi6+6YUk3gXdQxUgcVazQT7+CRPo4IEYjCCBF4wEgYDVR0TAQH/BAgwBgEB
/wIBADCBlAYFKoUDZG8EgYoMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/Q
sNGA0LDRgtC90YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2Vydmlj
ZSAo0L3QsCDQsNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUg
SFNNIDIwMDBRMikwDgYDVR0PAQH/BAQDAgHGMCcGA1UdIAQgMB4wCAYGKoUDZHEB
MAgGBiqFA2RxAjAIBgYqhQNkcQMwDAYFKoUDZHIEAwIBATCCAX0GA1UdIwSCAXQw
ggFwgBTJE1ixTKdiOn7SPzym5xR8nXCjhqGCAUOkggE/MIIBOzEhMB8GCSqGSIb3
DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwP
Nzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMVMwUQYD
VQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQtdC20L3QsNGP
LCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UECgwd0JzQuNC9
0YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcw
MTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC40L3RhtC40YTR
gNGLINCg0L7RgdGB0LjQuIIRAJUfo0d8YQQ6rfqFhieCNEIwHQYDVR0OBBYEFKcL
lShvn+RLilGAsoUfiUr85/CcMIGPBgNVHR8EgYcwgYQwKqAooCaGJGh0dHA6Ly9y
ZWVzdHItcGtpLnJ1L2NkcC9ndWMyMDIyLmNybDAqoCigJoYkaHR0cDovL2NvbXBh
bnkucnQucnUvY2RwL2d1YzIwMjIuY3JsMCqgKKAmhiRodHRwOi8vcm9zdGVsZWNv
bS5ydS9jZHAvZ3VjMjAyMi5jcmwwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzAC
hiRodHRwOi8vcmVlc3RyLXBraS5ydS9jZHAvZ3VjMjAyMi5jcnQwgfUGBSqFA2Rw
BIHrMIHoDDTQn9CQ0JrQnCDCq9Ca0YDQuNC/0YLQvtCf0YDQviBIU03CuyDQstC1
0YDRgdC40LggMi4wDEPQn9CQ0JogwqvQk9C+0LvQvtCy0L3QvtC5INGD0LTQvtGB
0YLQvtCy0LXRgNGP0Y7RidC40Lkg0YbQtdC90YLRgMK7DDXQl9Cw0LrQu9GO0YfQ
tdC90LjQtSDihJYgMTQ5LzMvMi8yLzIzINC+0YIgMDIuMDMuMjAxOAw00JfQsNC6
0LvRjtGH0LXQvdC40LUg4oSWIDE0OS83LzYtNDQ5INC+0YIgMzAuMTIuMjAyMTAK
BggqhQMHAQEDAgNBAEBF8rrvU4EpQUJC3TIKaN75aaXHRXB/eiFLU985lDoc0C+N
Ht8gDKwf+nYgpohn7KVhpHPPCgTLsJh6aHxY3HA=
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=1365
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
95:1f:a3:47:7c:61:04:3a:ad:fa:85:86:27:82:34:42
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Jan 8 13:32:39 2022 GMT
Not After : Jan 8 13:32:39 2040 GMT
Subject: emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:DDFC283E51F6E01AAF8F7F83BFAB16DF6E33F6BC76BF5A8C0B8F6B1DA46B4A5A
Y:8E40EAA6F495DB554F1B5AEC630C4368EEA22F99206AF749196EADE3C247F46E
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signing Tool of Subject:
ПАКМ «КриптоПро HSM» версии 2.0
1.2.643.100.114:
...
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
Policy: Class of Signing Tool KB1
Policy: Class of Signing Tool KB2
Policy: X509v3 Any Policy
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
82:49:78:48:0a:0d:d2:67:f4:d3:0a:d4:49:a4:11:6e:5c:64:
b2:dc:f7:99:4c:47:8e:c1:d3:87:22:fd:2d:5a:23:76:ab:49:
8f:47:30:7f:a3:aa:fd:31:78:c6:a9:dc:df:60:6b:42:ae:ad:
65:e4:5b:17:64:e2:39:73:fd:92
-----BEGIN CERTIFICATE-----
MIIFUTCCBP6gAwIBAgIRAJUfo0d8YQQ6rfqFhieCNEIwCgYIKoUDBwEBAwIwggE7
MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJV
MRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQ
utCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXR
gNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYD
VQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0x
MDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc
0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIyMDEwODEzMzIzOVoXDTQw
MDEwODEzMzIzOVowggE7MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3Yu
cnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNV
BAcMENCzLiDQnNC+0YHQutCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQ
utCw0Y8g0L3QsNCx0LXRgNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7Q
tdC90LjQtSAyMSYwJAYDVQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQ
uDEYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQz
NzUxJjAkBgNVBAMMHdCc0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MGYwHwYI
KoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIDQwAEQFpKa6Qda48LjFq/drz2
M27fFqu/g3+Prxrg9lE+KPzdbvRHwuOtbhlJ92ogmS+i7mhDDGPsWhtPVduV9Kbq
QI6jggHQMIIBzDCB9QYFKoUDZHAEgeswgegMNNCf0JDQmtCcIMKr0JrRgNC40L/R
gtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAMQ9Cf0JDQmiDCq9CT0L7Q
u9C+0LLQvdC+0Lkg0YPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3R
gtGAwrsMNdCX0LDQutC70Y7Rh9C10L3QuNC1IOKEliAxNDkvMy8yLzIvMjMg0L7R
giAwMi4wMy4yMDE4DDTQl9Cw0LrQu9GO0YfQtdC90LjQtSDihJYgMTQ5LzcvNi00
NDkg0L7RgiAzMC4xMi4yMDIxMD8GBSqFA2RvBDYMNNCf0JDQmtCcIMKr0JrRgNC4
0L/RgtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAwDAYFKoUDZHIEAwIB
ADBDBgNVHSAEPDA6MAgGBiqFA2RxATAIBgYqhQNkcQIwCAYGKoUDZHEDMAgGBiqF
A2RxBDAIBgYqhQNkcQUwBgYEVR0gADAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
BAUwAwEB/zAdBgNVHQ4EFgQUyRNYsUynYjp+0j88pucUfJ1wo4YwCgYIKoUDBwEB
AwIDQQCCSXhICg3SZ/TTCtRJpBFuXGSy3PeZTEeOwdOHIv0tWiN2q0mPRzB/o6r9
MXjGqdzfYGtCrq1l5FsXZOI5c/2S
-----END CERTIFICATE-----
------------------
depth=2 emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify error:num=19:self-signed certificate in certificate chain
verify return:1
depth=2 emailAddress = dit@digital.gov.ru, C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=1 emailAddress = uc_fk@roskazna.ru, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=0 C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = ababochenko@roskazna.ru, CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
verify return:1
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 57
CertificateRequest, Length=45
certificate_types (len=4)
UNKNOWN (21)
UNKNOWN (22)
UNKNOWN (238)
UNKNOWN (239)
signature_algorithms (len=36)
rsa_pkcs1_sha512 (0x0601)
dsa_sha512 (0x0602)
ecdsa_secp521r1_sha512 (0x0603)
rsa_pkcs1_sha384 (0x0501)
dsa_sha384 (0x0502)
ecdsa_secp384r1_sha384 (0x0503)
rsa_pkcs1_sha256 (0x0401)
dsa_sha256 (0x0402)
ecdsa_secp256r1_sha256 (0x0403)
rsa_pkcs1_sha224 (0x0301)
dsa_sha224 (0x0302)
ecdsa_sha224 (0x0303)
rsa_pkcs1_sha1 (0x0201)
dsa_sha1 (0x0202)
ecdsa_sha1 (0x0203)
gost2001_gost94 (0xeded)
gost2012_256 (0xeeee)
gost2012_512 (0xefef)
certificate_authorities (len=0)
ServerHelloDone, Length=0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 11
Certificate, Length=3
certificate_list, length=0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 183
ClientKeyExchange, Length=175
KeyExchangeAlgorithm=GOST
GostKeyTransportBlob (len=175): 3081AC3081A9302804209B5AF432B0712F93FE40EE638324A777C3EEC8CFF5EAABBA090072DE5FEC0FF804049C5063ADA07D06092A8503070102050101A066301F06082A85030701010101301306072A85030202240006082A8503070101020203430004409C0932046C4DE2696A97B20DE42F2D3CA6ADE708F52FCD6ABE1CCFE9DF596EF2E8D4DF6DAB06E3790048206D0917CCC51EC8C252CA1401209027EB7754CB22FA0408ED1F9FCE4B7B7B23
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ChangeCipherSpec (20)
Length = 5
change_cipher_spec (1)
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 20
Finished, Length=12
verify_data (len=12): B371A8D92D32001E2F7A14E5
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Alert (21)
Length = 6
Level=fatal(2), description=handshake failure(40)
4097656D097D0000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1599:SSL alert number 40
В браузере Yandex в качестве ключа через plug-in cryptopro выступает файл на диске .cer
Есть ли пути решения данной проблемы и если да то в каком направлении искать решение?
Заранее спасибо за ответ