You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Добрый день.
Пытаюсь наладить работу с сервисом отдачи дотументов сайта госзакупок.
Если я отправляю запрос на корень сайта (где не идет проверка цифровой подписи), то все рабаотает
(echo -en "GET / HTTP/1.1\nHost: int44.zakupki.gov.ru\nUser-Agent: curl/8.5.0\nAccept: */*\n\n") | openssl s_client -cipher 'LEGACY-GOST2012-GOST8912-GOST8912' -tls1_2 -connect 94.25.27.252:443 -servername int44.zakupki.gov.ru -quiet -crlf -trace
Sent Record
Header:
Version = TLS 1.0 (0x301)
Content Type = Handshake (22)
Length = 146
......
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 87
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 357
HTTP/1.1 200 OK
Date: Mon, 14 Oct 2024 09:51:12 GMT
Server: Apache
Set-Cookie: _usertrack=931f3e1b.6246cc6e6f2a1; path=/; domain=.zakupki.gov.ru
Last-Modified: Fri, 15 Jul 2022 11:14:54 GMT
ETag: "2d-5e3d620a8e780"
Accept-Ranges: bytes
Content-Length: 45
Vary: User-Agent
Content-Type: text/html
<html><body><h1>It works!</h1></body></html>
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Alert (21)
Length = 6
Level=warning(1), description=close notify(0)
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Alert (21)
Length = 6
Level=warning(1), description=close notify(0)
Если я начинаю отправлять запросы на адрес, где идет проверка элекстронной цифровой подписи, то работать перестает и я не знаю как подступится к решению.
На windows + yandex браузер все работает
Вот кусок из Wireshark
ЗАПРОС ЯНДЕКС БРАУЗЕРА
=======================================
Frame 8: 181 bytes on wire (1448 bits), 181 bytes captured (1448 bits) on interface \Device\NPF_{FFF41D36-4E05-4E64-99E7-77CB59DDE4A7}, id 0
Ethernet II, Src: MicroStarINT_63:7b:eb (8c:89:a5:63:7b:eb), Dst: Routerboardc_dd:9c:8d (d4:ca:6d:dd:9c:8d)
Internet Protocol Version 4, Src: 192.168.0.45, Dst: 94.25.27.252
Transmission Control Protocol, Src Port: 28082, Dst Port: 443, Seq: 1, Ack: 1, Len: 127
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 122
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 118
Version: TLS 1.2 (0x0303)
Random: 67077edffcf34f9a2cf4ee5cdc10270dc6bee137869ad9ffda25d27241ccabe1
GMT Unix Time: Oct 10, 2024 10:14:39.000000000 RTZ 2 (зима)
Random Bytes: fcf34f9a2cf4ee5cdc10270dc6bee137869ad9ffda25d27241ccabe1
Session ID Length: 0
Cipher Suites Length: 10
Cipher Suites (5 suites)
Cipher Suite: TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC (0xc100)
Cipher Suite: TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC (0xc101)
Cipher Suite: TLS_GOSTR341112_256_WITH_28147_CNT_IMIT (0xc102)
Cipher Suite: Unknown (0xff85)
Cipher Suite: TLS_GOSTR341001_WITH_28147_CNT_IMIT (0x0081)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
Extensions Length: 67
Extension: renegotiation_info (len=1)
Type: renegotiation_info (65281)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
Extension: status_request (len=5)
Type: status_request (5)
Length: 5
Certificate Status Type: OCSP (1)
Responder ID list Length: 0
Request Extensions Length: 0
Extension: session_ticket (len=0)
Type: session_ticket (35)
Length: 0
Session Ticket: <MISSING>
Extension: server_name (len=25) name=int44.zakupki.gov.ru
Type: server_name (0)
Length: 25
Server Name Indication extension
Server Name list length: 23
Server Name Type: host_name (0)
Server Name length: 20
Server Name: int44.zakupki.gov.ru
Extension: extended_master_secret (len=0)
Type: extended_master_secret (23)
Length: 0
Extension: signature_algorithms (len=12)
Type: signature_algorithms (13)
Length: 12
Signature Hash Algorithms Length: 10
Signature Hash Algorithms (5 algorithms)
[JA4: t12d050600_cbd4d4a1dd58_7372bd63c07d]
[JA4_r: t12d050600_0081,c100,c101,c102,ff85_0005,000d,0017,0023,ff01_eeee,0840,efef,0841,eded]
[JA3 Fullstring: 771,49408-49409-49410-65413-129,65281-5-35-0-23-13,,]
[JA3: 5aac373b5ec7f89463a0402223787a33]
ОТВЕТ СЕРВЕРА ЯНДЕКС БРАУЗЕР
========================================
Frame 10: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface \Device\NPF_{FFF41D36-4E05-4E64-99E7-77CB59DDE4A7}, id 0
Ethernet II, Src: Routerboardc_dd:9c:8d (d4:ca:6d:dd:9c:8d), Dst: MicroStarINT_63:7b:eb (8c:89:a5:63:7b:eb)
Internet Protocol Version 4, Src: 94.25.27.252, Dst: 192.168.0.45
Transmission Control Protocol, Src Port: 443, Dst Port: 28082, Seq: 1, Ack: 128, Len: 1460
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 53
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 49
Version: TLS 1.2 (0x0303)
Random: b4c2366a8c1ff0b0139a08cba09ccca300d9c628c699e3ec14890d66e96f7ba3
GMT Unix Time: Feb 5, 2066 23:19:54.000000000 RTZ 2 (зима)
Random Bytes: 8c1ff0b0139a08cba09ccca300d9c628c699e3ec14890d66e96f7ba3
Session ID Length: 0
Cipher Suite: Unknown (0xff85)
Compression Method: null (0)
Extensions Length: 9
Extension: renegotiation_info (len=1)
Type: renegotiation_info (65281)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
Extension: session_ticket (len=0)
Type: session_ticket (35)
Length: 0
Session Ticket: <MISSING>
[JA3S Fullstring: 771,65413,65281-35]
[JA3S: 118ff544d792261b76b44c8daef0f068]
TLS segment data (1402 bytes)
Тут я обратил внимание на неизвестный шифр Cipher Suite: Unknown (0xff85) который сайт и браузер выбирают для общения
А тот же запрос через openssh заказчивается неудачей
(echo -en "GET /eis-integration/services-mis/getDocsMis?wsdl HTTP/1.1\nHost: int44.zakupki.gov.ru\nUser-Agent: curl/8.5.0\nAccept: */*\n\n") | openssl s_client -cipher 'LEGACY-GOST2012-GOST8912-GOST8912' -tls1_2 -connect 94.25.27.252:443 -servername int44.zakupki.gov.ru -quiet -crlf -trace
Sent Record
Header:
Version = TLS 1.0 (0x301)
Content Type = Handshake (22)
Length = 146
ClientHello, Length=142
client_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x3F47B5FA
random_bytes (len=28): A7199D3678A53AD388F28629BC01D904B33ABAFD08692E6E7360E5A9
session_id (len=0):
cipher_suites (len=4)
{0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
{0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV
compression_methods (len=1)
No Compression (0x00)
extensions, length = 97
extension_type=server_name(0), length=25
0000 - 00 17 00 00 14 69 6e 74-34 34 2e 7a 61 6b 75 .....int44.zaku
000f - 70 6b 69 2e 67 6f 76 2e-72 75 pki.gov.ru
extension_type=session_ticket(35), length=0
extension_type=encrypt_then_mac(22), length=0
extension_type=extended_master_secret(23), length=0
extension_type=signature_algorithms(13), length=52
ecdsa_secp256r1_sha256 (0x0403)
ecdsa_secp384r1_sha384 (0x0503)
ecdsa_secp521r1_sha512 (0x0603)
ed25519 (0x0807)
ed448 (0x0808)
rsa_pss_pss_sha256 (0x0809)
rsa_pss_pss_sha384 (0x080a)
rsa_pss_pss_sha512 (0x080b)
rsa_pss_rsae_sha256 (0x0804)
rsa_pss_rsae_sha384 (0x0805)
rsa_pss_rsae_sha512 (0x0806)
rsa_pkcs1_sha256 (0x0401)
rsa_pkcs1_sha384 (0x0501)
rsa_pkcs1_sha512 (0x0601)
ecdsa_sha224 (0x0303)
rsa_pkcs1_sha224 (0x0301)
dsa_sha224 (0x0302)
dsa_sha256 (0x0402)
dsa_sha384 (0x0502)
dsa_sha512 (0x0602)
gost2012_256 (0x0840)
gost2012_512 (0x0841)
gost2012_256 (0xeeee)
gost2012_512 (0xefef)
gost2001_gost94 (0xeded)
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 53
ServerHello, Length=49
server_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x85939739
random_bytes (len=28): 7DB4E3F9E745D4D91D91986A55DBFCA7767ED27BF7B6D83CB2A42486
session_id (len=0):
cipher_suite {0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
compression_method: No Compression (0x00)
extensions, length = 9
extension_type=renegotiate(65281), length=1
<EMPTY>
extension_type=session_ticket(35), length=0
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 5655
Certificate, Length=5651
certificate_list, length=5648
ASN.1Cert, length=2229
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f9:96:28:57:74:4e:70:de:be:a9:a8:fe:1d:aa:32:7e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = [email protected], ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: May 2 08:12:20 2024 GMT
Not After : Jul 26 08:12:20 2025 GMT
Subject: C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = [email protected], CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:993A5FE1A85BA48A71D47E1E5C503721B6D8FF1BAECE377359EEA7BE11C87F4
Y:EDA6BD45F35169F54C029500EE645464159F791E2E09CC365F7552010765968F
Parameter set: id-GostR3410-2001-CryptoPro-XchA-ParamSet
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement
X509v3 Subject Alternative Name:
DNS:*.zakupki.gov.ru, DNS:zakupki.gov.ru
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
1.2.643.100.114:
...
Signing Tool of Subject:
"КриптоПро CSP" (версия 4.0)
Signing Tool of Issuer:
signTool : Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
cATool : Программно-аппаратный комплекс «Юнисерт-ГОСТ». Версия 4.0
signToolCert: Cертификат соответствия №СФ/124-4328 от 29.08.2022
cAToolCert : Заключение на средство УЦ №149/7/6/213 от 30.03.2023
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.roskazna.ru/crl/ucfk_2023.crl
Full Name:
URI:http://crl.fk.local/crl/ucfk_2023.crl
Authority Information Access:
CA Issuers - URI:http://crl.roskazna.ru/crl/ucfk_2023.crt
CA Issuers - URI:http://crl.fk.local/crl/ucfk_2023.crt
X509v3 Subject Key Identifier:
21:92:6D:E9:0C:D6:1A:68:CB:78:F9:46:DA:82:F5:C7:33:BE:13:55
X509v3 Authority Key Identifier:
keyid:A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
DirName:/[email protected]/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:F0:A9:E2:89:00:00:00:00:07:9E
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
df:3e:23:61:de:24:31:28:c7:b7:27:63:1d:d7:e2:27:19:92:
3e:d3:f2:2e:58:3a:52:e6:54:b8:0c:c7:97:c0:4b:06:da:23:
43:ed:3e:3e:ed:b3:18:45:6e:1c:da:6c:9d:c9:f8:e7:3c:7d:
57:3c:d1:d9:da:b8:e2:95:c5:f9
-----BEGIN CERTIFICATE-----
MIIIsTCCCF6gAwIBAgIRAPmWKFd0TnDevqmo/h2qMn4wCgYIKoUDBwEBAwIwggFX
MSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYGA1UECAwPNzcg
0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAWBgUqhQNkARIN
MTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg0JfQu9Cw0YLQ
vtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQtC4gNiwg0YHR
gtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMQswCQYD
VQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDAeFw0yNDA1MDIwODEyMjBaFw0yNTA3MjYwODEyMjBaMIIBaTELMAkG
A1UEBhMCUlUxGTAXBgNVBAgMENCzLiDQnNC+0YHQutCy0LAxVzBVBgNVBAkMTtCR
0L7Qu9GM0YjQvtC5INCX0LvQsNGC0L7Rg9GB0YLQuNC90YHQutC40Lkg0L/QtdGA
0LXRg9C70L7QuiDQtNC+0LwgNiDRgdGC0YAuMTEZMBcGA1UEBwwQ0LMuINCc0L7R
gdC60LLQsDE4MDYGA1UECgwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ0JfQ
ndCQ0KfQldCZ0KHQotCS0J4xGDAWBgUqhQNkARINMTA0Nzc5NzAxOTgzMDEVMBMG
BSqFA2QEEgo3NzEwNTY4NzYwMSYwJAYJKoZIhvcNAQkBFhdhYmFib2NoZW5rb0By
b3NrYXpuYS5ydTE4MDYGA1UEAwwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ
0JfQndCQ0KfQldCZ0KHQotCS0J4wZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggq
hQMHAQECAgNDAARA9Icc4XvqnjV34+y68Y9tG3IDxeXhRx2nSLqFGv6lkwmPlmUH
AVJ1XzbMCS4eeZ8VZFRk7gCVAkz1aVHzRb2m7aOCBOYwggTiMA4GA1UdDwEB/wQE
AwID+DArBgNVHREEJDAighAqLnpha3Vwa2kuZ292LnJ1gg56YWt1cGtpLmdvdi5y
dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0gBBYwFDAIBgYq
hQNkcQEwCAYGKoUDZHECMAwGBSqFA2RyBAMCAQAwNgYFKoUDZG8ELQwrItCa0YDQ
uNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gNC4wKTCCAaIGBSqFA2Rw
BIIBlzCCAZMMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/QsNGA0LDRgtC9
0YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2VydmljZSAo0L3QsCDQ
sNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUgSFNNIDIwMDBR
MikMaNCf0YDQvtCz0YDQsNC80LzQvdC+LdCw0L/Qv9Cw0YDQsNGC0L3Ri9C5INC6
0L7QvNC/0LvQtdC60YEgwqvQrtC90LjRgdC10YDRgi3Qk9Ce0KHQosK7LiDQktC1
0YDRgdC40Y8gNC4wDE1D0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC
0YHRgtCy0LjRjyDihJbQodCkLzEyNC00MzI4INC+0YIgMjkuMDguMjAyMgxO0JfQ
sNC60LvRjtGH0LXQvdC40LUg0L3QsCDRgdGA0LXQtNGB0YLQstC+INCj0KYg4oSW
MTQ5LzcvNi8yMTMg0L7RgiAzMC4wMy4yMDIzMGYGA1UdHwRfMF0wLqAsoCqGKGh0
dHA6Ly9jcmwucm9za2F6bmEucnUvY3JsL3VjZmtfMjAyMy5jcmwwK6ApoCeGJWh0
dHA6Ly9jcmwuZmsubG9jYWwvY3JsL3VjZmtfMjAyMy5jcmwwdwYIKwYBBQUHAQEE
azBpMDQGCCsGAQUFBzAChihodHRwOi8vY3JsLnJvc2them5hLnJ1L2NybC91Y2Zr
XzIwMjMuY3J0MDEGCCsGAQUFBzAChiVodHRwOi8vY3JsLmZrLmxvY2FsL2NybC91
Y2ZrXzIwMjMuY3J0MB0GA1UdDgQWBBQhkm3pDNYaaMt4+UbagvXHM74TVTCCAXcG
A1UdIwSCAW4wggFqgBSnC5Uob5/kS4pRgLKFH4lK/OfwnKGCAUOkggE/MIIBOzEh
MB8GCSqGSIb3DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEY
MBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMVMwUQYDVQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQ
tdC20L3QsNGPLCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UE
Cgwd0JzQuNC90YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0
NzcwMjAyNjcwMTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC4
0L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuIILAPCp4okAAAAAB54wCgYIKoUDBwEB
AwIDQQDfPiNh3iQxKMe3J2Md1+InGZI+0/IuWDpS5lS4DMeXwEsG2iND7T4+7bMY
RW4c2mydyfjnPH1XPNHZ2rjilcX5
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=2045
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f0:a9:e2:89:00:00:00:00:07:9e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Mar 21 15:00:46 2023 GMT
Not After : Mar 21 15:00:46 2038 GMT
Subject: emailAddress = [email protected], ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:A6D0255C31AB8300024BC917D6FD2A29D5912B13CF7D44B8E76DD0ADBFAE12D7
Y:4F24F8FB04CD5AC581540C7517789314A6FBBA082FF0CFD6BA21B444E816F055
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Signing Tool of Subject:
Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
1.2.643.100.114:
...
X509v3 Authority Key Identifier:
keyid:C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
DirName:/[email protected]/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:95:1F:A3:47:7C:61:04:3A:AD:FA:85:86:27:82:34:42
X509v3 Subject Key Identifier:
A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
X509v3 CRL Distribution Points:
Full Name:
URI:http://reestr-pki.ru/cdp/guc2022.crl
Full Name:
URI:http://company.rt.ru/cdp/guc2022.crl
Full Name:
URI:http://rostelecom.ru/cdp/guc2022.crl
Authority Information Access:
CA Issuers - URI:http://reestr-pki.ru/cdp/guc2022.crt
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
40:45:f2:ba:ef:53:81:29:41:42:42:dd:32:0a:68:de:f9:69:
a5:c7:45:70:7f:7a:21:4b:53:df:39:94:3a:1c:d0:2f:8d:1e:
df:20:0c:ac:1f:fa:76:20:a6:88:67:ec:a5:61:a4:73:cf:0a:
04:cb:b0:98:7a:68:7c:58:dc:70
-----BEGIN CERTIFICATE-----
MIIH+TCCB6agAwIBAgILAPCp4okAAAAAB54wCgYIKoUDBwEBAwIwggE7MSEwHwYJ
KoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJVMRgwFgYD
VQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQutCy0LAx
UzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXRgNC10LbQ
vdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYDVQQKDB3Q
nNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0xMDQ3NzAy
MDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc0LjQvdGG
0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIzMDMyMTE1MDA0NloXDTM4MDMyMTE1
MDA0NlowggFXMSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYG
A1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAW
BgUqhQNkARINMTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg
0JfQu9Cw0YLQvtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQ
tC4gNiwg0YHRgtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMQswCQYDVQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDBmMB8GCCqFAwcBAQEBMBMGByqFAwICIwEGCCqFAwcB
AQICA0MABEDXEq6/rdBt57hEfc8TK5HVKSr91hfJSwIAg6sxXCXQplXwFuhEtCG6
1s/wLwi6+6YUk3gXdQxUgcVazQT7+CRPo4IEYjCCBF4wEgYDVR0TAQH/BAgwBgEB
/wIBADCBlAYFKoUDZG8EgYoMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/Q
sNGA0LDRgtC90YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2Vydmlj
ZSAo0L3QsCDQsNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUg
SFNNIDIwMDBRMikwDgYDVR0PAQH/BAQDAgHGMCcGA1UdIAQgMB4wCAYGKoUDZHEB
MAgGBiqFA2RxAjAIBgYqhQNkcQMwDAYFKoUDZHIEAwIBATCCAX0GA1UdIwSCAXQw
ggFwgBTJE1ixTKdiOn7SPzym5xR8nXCjhqGCAUOkggE/MIIBOzEhMB8GCSqGSIb3
DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwP
Nzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMVMwUQYD
VQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQtdC20L3QsNGP
LCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UECgwd0JzQuNC9
0YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcw
MTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC40L3RhtC40YTR
gNGLINCg0L7RgdGB0LjQuIIRAJUfo0d8YQQ6rfqFhieCNEIwHQYDVR0OBBYEFKcL
lShvn+RLilGAsoUfiUr85/CcMIGPBgNVHR8EgYcwgYQwKqAooCaGJGh0dHA6Ly9y
ZWVzdHItcGtpLnJ1L2NkcC9ndWMyMDIyLmNybDAqoCigJoYkaHR0cDovL2NvbXBh
bnkucnQucnUvY2RwL2d1YzIwMjIuY3JsMCqgKKAmhiRodHRwOi8vcm9zdGVsZWNv
bS5ydS9jZHAvZ3VjMjAyMi5jcmwwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzAC
hiRodHRwOi8vcmVlc3RyLXBraS5ydS9jZHAvZ3VjMjAyMi5jcnQwgfUGBSqFA2Rw
BIHrMIHoDDTQn9CQ0JrQnCDCq9Ca0YDQuNC/0YLQvtCf0YDQviBIU03CuyDQstC1
0YDRgdC40LggMi4wDEPQn9CQ0JogwqvQk9C+0LvQvtCy0L3QvtC5INGD0LTQvtGB
0YLQvtCy0LXRgNGP0Y7RidC40Lkg0YbQtdC90YLRgMK7DDXQl9Cw0LrQu9GO0YfQ
tdC90LjQtSDihJYgMTQ5LzMvMi8yLzIzINC+0YIgMDIuMDMuMjAxOAw00JfQsNC6
0LvRjtGH0LXQvdC40LUg4oSWIDE0OS83LzYtNDQ5INC+0YIgMzAuMTIuMjAyMTAK
BggqhQMHAQEDAgNBAEBF8rrvU4EpQUJC3TIKaN75aaXHRXB/eiFLU985lDoc0C+N
Ht8gDKwf+nYgpohn7KVhpHPPCgTLsJh6aHxY3HA=
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=1365
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
95:1f:a3:47:7c:61:04:3a:ad:fa:85:86:27:82:34:42
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Jan 8 13:32:39 2022 GMT
Not After : Jan 8 13:32:39 2040 GMT
Subject: emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:DDFC283E51F6E01AAF8F7F83BFAB16DF6E33F6BC76BF5A8C0B8F6B1DA46B4A5A
Y:8E40EAA6F495DB554F1B5AEC630C4368EEA22F99206AF749196EADE3C247F46E
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signing Tool of Subject:
ПАКМ «КриптоПро HSM» версии 2.0
1.2.643.100.114:
...
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
Policy: Class of Signing Tool KB1
Policy: Class of Signing Tool KB2
Policy: X509v3 Any Policy
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
82:49:78:48:0a:0d:d2:67:f4:d3:0a:d4:49:a4:11:6e:5c:64:
b2:dc:f7:99:4c:47:8e:c1:d3:87:22:fd:2d:5a:23:76:ab:49:
8f:47:30:7f:a3:aa:fd:31:78:c6:a9:dc:df:60:6b:42:ae:ad:
65:e4:5b:17:64:e2:39:73:fd:92
-----BEGIN CERTIFICATE-----
MIIFUTCCBP6gAwIBAgIRAJUfo0d8YQQ6rfqFhieCNEIwCgYIKoUDBwEBAwIwggE7
MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJV
MRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQ
utCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXR
gNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYD
VQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0x
MDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc
0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIyMDEwODEzMzIzOVoXDTQw
MDEwODEzMzIzOVowggE7MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3Yu
cnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNV
BAcMENCzLiDQnNC+0YHQutCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQ
utCw0Y8g0L3QsNCx0LXRgNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7Q
tdC90LjQtSAyMSYwJAYDVQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQ
uDEYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQz
NzUxJjAkBgNVBAMMHdCc0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MGYwHwYI
KoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIDQwAEQFpKa6Qda48LjFq/drz2
M27fFqu/g3+Prxrg9lE+KPzdbvRHwuOtbhlJ92ogmS+i7mhDDGPsWhtPVduV9Kbq
QI6jggHQMIIBzDCB9QYFKoUDZHAEgeswgegMNNCf0JDQmtCcIMKr0JrRgNC40L/R
gtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAMQ9Cf0JDQmiDCq9CT0L7Q
u9C+0LLQvdC+0Lkg0YPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3R
gtGAwrsMNdCX0LDQutC70Y7Rh9C10L3QuNC1IOKEliAxNDkvMy8yLzIvMjMg0L7R
giAwMi4wMy4yMDE4DDTQl9Cw0LrQu9GO0YfQtdC90LjQtSDihJYgMTQ5LzcvNi00
NDkg0L7RgiAzMC4xMi4yMDIxMD8GBSqFA2RvBDYMNNCf0JDQmtCcIMKr0JrRgNC4
0L/RgtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAwDAYFKoUDZHIEAwIB
ADBDBgNVHSAEPDA6MAgGBiqFA2RxATAIBgYqhQNkcQIwCAYGKoUDZHEDMAgGBiqF
A2RxBDAIBgYqhQNkcQUwBgYEVR0gADAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
BAUwAwEB/zAdBgNVHQ4EFgQUyRNYsUynYjp+0j88pucUfJ1wo4YwCgYIKoUDBwEB
AwIDQQCCSXhICg3SZ/TTCtRJpBFuXGSy3PeZTEeOwdOHIv0tWiN2q0mPRzB/o6r9
MXjGqdzfYGtCrq1l5FsXZOI5c/2S
-----END CERTIFICATE-----
------------------
depth=2 emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify error:num=19:self-signed certificate in certificate chain
verify return:1
depth=2 emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=1 emailAddress = [email protected], ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=0 C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = [email protected], CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
verify return:1
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 4
ServerHelloDone, Length=0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 179
ClientKeyExchange, Length=175
KeyExchangeAlgorithm=GOST
GostKeyTransportBlob (len=175): 3081AC3081A93028042061C9A9224EE73816D3006A120FD8A3A69CBECD64E7A8B82D7F0AE3CCA57B17D50404158B21F1A07D06092A8503070102050101A066301F06082A85030701010101301306072A85030202240006082A85030701010202034300044018DFCE9E05B7EE7850D54FCF0B535A5A1FE5EE8CD5A392A5DEB4CED34E592C350F2109CDF3A02F47E5E8C81A504F1AD4CE98171A39DD2425319BB7123D29CC01040803E7B811EBF942B0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ChangeCipherSpec (20)
Length = 1
change_cipher_spec (1)
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 20
Finished, Length=12
verify_data (len=12): 7BB91ACD5C01353AC9B4A7E0
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 218
NewSessionTicket, Length=214
ticket_lifetime_hint=300
ticket (len=208): 2AFF6EE305579708A0C661AF7D998213AB15405B7A7EE197882745CE1C395DC6F4A8102DB76CB81DCCA74E0230DE006AD00BDF5038386C2980E8A37B3A41A39B5F4D1D780CF30724DB36254402D66C0EFFFEB12A35F11C7B19C5086004D360379B2320FD4CD1FAC906394B8EF8C5BCA00EABE35D1E91835FB23AB8B8B747DF18DF22AC21316044121F34F6C866BD157127DDF3611E5EDAEE7766B0D32323E47F75924453FFFA88055E8A044E87B6A5592F75648900B1A8F65BB6130CA7FBF9EF3FF0DE464DA2873850A5CEFDA771BA58
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ChangeCipherSpec (20)
Length = 1
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 20
Finished, Length=12
verify_data (len=12): 65879304E18110BA0D26EFC6
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 131
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 8
HelloRequest, Length=0
Unsupported, hex dump follows:
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 405
ClientHello, Length=397
client_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x14908EBD
random_bytes (len=28): 1279EF6323772168CF0CEF071E07D6B29DFF5F21A2E47A6FEC5F401B
session_id (len=32): FF817399ACB4AB691A5400B724239EAF7DA5DAEFED99A2C1560460DA8C08998A
cipher_suites (len=2)
{0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
compression_methods (len=1)
No Compression (0x00)
extensions, length = 322
extension_type=renegotiate(65281), length=13
client_verify_data (len=12): 7BB91ACD5C01353AC9B4A7E0
extension_type=server_name(0), length=25
0000 - 00 17 00 00 14 69 6e 74-34 34 2e 7a 61 6b 75 .....int44.zaku
000f - 70 6b 69 2e 67 6f 76 2e-72 75 pki.gov.ru
extension_type=session_ticket(35), length=208
ticket (len=208): 2AFF6EE305579708A0C661AF7D998213AB15405B7A7EE197882745CE1C395DC6F4A8102DB76CB81DCCA74E0230DE006AD00BDF5038386C2980E8A37B3A41A39B5F4D1D780CF30724DB36254402D66C0EFFFEB12A35F11C7B19C5086004D360379B2320FD4CD1FAC906394B8EF8C5BCA00EABE35D1E91835FB23AB8B8B747DF18DF22AC21316044121F34F6C866BD157127DDF3611E5EDAEE7766B0D32323E47F75924453FFFA88055E8A044E87B6A5592F75648900B1A8F65BB6130CA7FBF9EF3FF0DE464DA2873850A5CEFDA771BA58
extension_type=encrypt_then_mac(22), length=0
extension_type=extended_master_secret(23), length=0
extension_type=signature_algorithms(13), length=52
ecdsa_secp256r1_sha256 (0x0403)
ecdsa_secp384r1_sha384 (0x0503)
ecdsa_secp521r1_sha512 (0x0603)
ed25519 (0x0807)
ed448 (0x0808)
rsa_pss_pss_sha256 (0x0809)
rsa_pss_pss_sha384 (0x080a)
rsa_pss_pss_sha512 (0x080b)
rsa_pss_rsae_sha256 (0x0804)
rsa_pss_rsae_sha384 (0x0805)
rsa_pss_rsae_sha512 (0x0806)
rsa_pkcs1_sha256 (0x0401)
rsa_pkcs1_sha384 (0x0501)
rsa_pkcs1_sha512 (0x0601)
ecdsa_sha224 (0x0303)
rsa_pkcs1_sha224 (0x0301)
dsa_sha224 (0x0302)
dsa_sha256 (0x0402)
dsa_sha384 (0x0502)
dsa_sha512 (0x0602)
gost2012_256 (0x0840)
gost2012_512 (0x0841)
gost2012_256 (0xeeee)
gost2012_512 (0xefef)
gost2001_gost94 (0xeded)
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 81
ServerHello, Length=73
server_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0xC5B2AA6A
random_bytes (len=28): 6C283D9E420DD4AF41D8169688F4586D2481CF3F086B595A4B5F103C
session_id (len=0):
cipher_suite {0xFF, 0x85} LEGACY-GOST2012-GOST8912-GOST8912
compression_method: No Compression (0x00)
extensions, length = 33
extension_type=renegotiate(65281), length=25
client_verify_data (len=12): 7BB91ACD5C01353AC9B4A7E0
server_verify_data (len=12): 65879304E18110BA0D26EFC6
extension_type=session_ticket(35), length=0
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 5659
Certificate, Length=5651
certificate_list, length=5648
ASN.1Cert, length=2229
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f9:96:28:57:74:4e:70:de:be:a9:a8:fe:1d:aa:32:7e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = [email protected], ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: May 2 08:12:20 2024 GMT
Not After : Jul 26 08:12:20 2025 GMT
Subject: C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = [email protected], CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:993A5FE1A85BA48A71D47E1E5C503721B6D8FF1BAECE377359EEA7BE11C87F4
Y:EDA6BD45F35169F54C029500EE645464159F791E2E09CC365F7552010765968F
Parameter set: id-GostR3410-2001-CryptoPro-XchA-ParamSet
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement
X509v3 Subject Alternative Name:
DNS:*.zakupki.gov.ru, DNS:zakupki.gov.ru
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
1.2.643.100.114:
...
Signing Tool of Subject:
"КриптоПро CSP" (версия 4.0)
Signing Tool of Issuer:
signTool : Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
cATool : Программно-аппаратный комплекс «Юнисерт-ГОСТ». Версия 4.0
signToolCert: Cертификат соответствия №СФ/124-4328 от 29.08.2022
cAToolCert : Заключение на средство УЦ №149/7/6/213 от 30.03.2023
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.roskazna.ru/crl/ucfk_2023.crl
Full Name:
URI:http://crl.fk.local/crl/ucfk_2023.crl
Authority Information Access:
CA Issuers - URI:http://crl.roskazna.ru/crl/ucfk_2023.crt
CA Issuers - URI:http://crl.fk.local/crl/ucfk_2023.crt
X509v3 Subject Key Identifier:
21:92:6D:E9:0C:D6:1A:68:CB:78:F9:46:DA:82:F5:C7:33:BE:13:55
X509v3 Authority Key Identifier:
keyid:A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
DirName:/[email protected]/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:F0:A9:E2:89:00:00:00:00:07:9E
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
df:3e:23:61:de:24:31:28:c7:b7:27:63:1d:d7:e2:27:19:92:
3e:d3:f2:2e:58:3a:52:e6:54:b8:0c:c7:97:c0:4b:06:da:23:
43:ed:3e:3e:ed:b3:18:45:6e:1c:da:6c:9d:c9:f8:e7:3c:7d:
57:3c:d1:d9:da:b8:e2:95:c5:f9
-----BEGIN CERTIFICATE-----
MIIIsTCCCF6gAwIBAgIRAPmWKFd0TnDevqmo/h2qMn4wCgYIKoUDBwEBAwIwggFX
MSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYGA1UECAwPNzcg
0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAWBgUqhQNkARIN
MTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg0JfQu9Cw0YLQ
vtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQtC4gNiwg0YHR
gtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMQswCQYD
VQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQstC+INCg0L7R
gdGB0LjQuDAeFw0yNDA1MDIwODEyMjBaFw0yNTA3MjYwODEyMjBaMIIBaTELMAkG
A1UEBhMCUlUxGTAXBgNVBAgMENCzLiDQnNC+0YHQutCy0LAxVzBVBgNVBAkMTtCR
0L7Qu9GM0YjQvtC5INCX0LvQsNGC0L7Rg9GB0YLQuNC90YHQutC40Lkg0L/QtdGA
0LXRg9C70L7QuiDQtNC+0LwgNiDRgdGC0YAuMTEZMBcGA1UEBwwQ0LMuINCc0L7R
gdC60LLQsDE4MDYGA1UECgwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ0JfQ
ndCQ0KfQldCZ0KHQotCS0J4xGDAWBgUqhQNkARINMTA0Nzc5NzAxOTgzMDEVMBMG
BSqFA2QEEgo3NzEwNTY4NzYwMSYwJAYJKoZIhvcNAQkBFhdhYmFib2NoZW5rb0By
b3NrYXpuYS5ydTE4MDYGA1UEAwwv0KTQldCU0JXQoNCQ0JvQrNCd0J7QlSDQmtCQ
0JfQndCQ0KfQldCZ0KHQotCS0J4wZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggq
hQMHAQECAgNDAARA9Icc4XvqnjV34+y68Y9tG3IDxeXhRx2nSLqFGv6lkwmPlmUH
AVJ1XzbMCS4eeZ8VZFRk7gCVAkz1aVHzRb2m7aOCBOYwggTiMA4GA1UdDwEB/wQE
AwID+DArBgNVHREEJDAighAqLnpha3Vwa2kuZ292LnJ1gg56YWt1cGtpLmdvdi5y
dTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0gBBYwFDAIBgYq
hQNkcQEwCAYGKoUDZHECMAwGBSqFA2RyBAMCAQAwNgYFKoUDZG8ELQwrItCa0YDQ
uNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gNC4wKTCCAaIGBSqFA2Rw
BIIBlzCCAZMMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/QsNGA0LDRgtC9
0YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2VydmljZSAo0L3QsCDQ
sNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUgSFNNIDIwMDBR
MikMaNCf0YDQvtCz0YDQsNC80LzQvdC+LdCw0L/Qv9Cw0YDQsNGC0L3Ri9C5INC6
0L7QvNC/0LvQtdC60YEgwqvQrtC90LjRgdC10YDRgi3Qk9Ce0KHQosK7LiDQktC1
0YDRgdC40Y8gNC4wDE1D0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC
0YHRgtCy0LjRjyDihJbQodCkLzEyNC00MzI4INC+0YIgMjkuMDguMjAyMgxO0JfQ
sNC60LvRjtGH0LXQvdC40LUg0L3QsCDRgdGA0LXQtNGB0YLQstC+INCj0KYg4oSW
MTQ5LzcvNi8yMTMg0L7RgiAzMC4wMy4yMDIzMGYGA1UdHwRfMF0wLqAsoCqGKGh0
dHA6Ly9jcmwucm9za2F6bmEucnUvY3JsL3VjZmtfMjAyMy5jcmwwK6ApoCeGJWh0
dHA6Ly9jcmwuZmsubG9jYWwvY3JsL3VjZmtfMjAyMy5jcmwwdwYIKwYBBQUHAQEE
azBpMDQGCCsGAQUFBzAChihodHRwOi8vY3JsLnJvc2them5hLnJ1L2NybC91Y2Zr
XzIwMjMuY3J0MDEGCCsGAQUFBzAChiVodHRwOi8vY3JsLmZrLmxvY2FsL2NybC91
Y2ZrXzIwMjMuY3J0MB0GA1UdDgQWBBQhkm3pDNYaaMt4+UbagvXHM74TVTCCAXcG
A1UdIwSCAW4wggFqgBSnC5Uob5/kS4pRgLKFH4lK/OfwnKGCAUOkggE/MIIBOzEh
MB8GCSqGSIb3DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEY
MBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMVMwUQYDVQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQ
tdC20L3QsNGPLCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UE
Cgwd0JzQuNC90YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0
NzcwMjAyNjcwMTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC4
0L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuIILAPCp4okAAAAAB54wCgYIKoUDBwEB
AwIDQQDfPiNh3iQxKMe3J2Md1+InGZI+0/IuWDpS5lS4DMeXwEsG2iND7T4+7bMY
RW4c2mydyfjnPH1XPNHZ2rjilcX5
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=2045
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f0:a9:e2:89:00:00:00:00:07:9e
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Mar 21 15:00:46 2023 GMT
Not After : Mar 21 15:00:46 2038 GMT
Subject: emailAddress = [email protected], ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:A6D0255C31AB8300024BC917D6FD2A29D5912B13CF7D44B8E76DD0ADBFAE12D7
Y:4F24F8FB04CD5AC581540C7517789314A6FBBA082FF0CFD6BA21B444E816F055
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Signing Tool of Subject:
Программно-аппаратный комплекс ViPNet PKI Service (на аппаратной платформе HSM 2000Q2)
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
1.2.643.100.114:
...
X509v3 Authority Key Identifier:
keyid:C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
DirName:/[email protected]/C=RU/ST=77 \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0/L=\xD0\xB3. \xD0\x9C\xD0\xBE\xD1\x81\xD0\xBA\xD0\xB2\xD0\xB0
serial:95:1F:A3:47:7C:61:04:3A:AD:FA:85:86:27:82:34:42
X509v3 Subject Key Identifier:
A7:0B:95:28:6F:9F:E4:4B:8A:51:80:B2:85:1F:89:4A:FC:E7:F0:9C
X509v3 CRL Distribution Points:
Full Name:
URI:http://reestr-pki.ru/cdp/guc2022.crl
Full Name:
URI:http://company.rt.ru/cdp/guc2022.crl
Full Name:
URI:http://rostelecom.ru/cdp/guc2022.crl
Authority Information Access:
CA Issuers - URI:http://reestr-pki.ru/cdp/guc2022.crt
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
40:45:f2:ba:ef:53:81:29:41:42:42:dd:32:0a:68:de:f9:69:
a5:c7:45:70:7f:7a:21:4b:53:df:39:94:3a:1c:d0:2f:8d:1e:
df:20:0c:ac:1f:fa:76:20:a6:88:67:ec:a5:61:a4:73:cf:0a:
04:cb:b0:98:7a:68:7c:58:dc:70
-----BEGIN CERTIFICATE-----
MIIH+TCCB6agAwIBAgILAPCp4okAAAAAB54wCgYIKoUDBwEBAwIwggE7MSEwHwYJ
KoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJVMRgwFgYD
VQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQutCy0LAx
UzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXRgNC10LbQ
vdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYDVQQKDB3Q
nNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0xMDQ3NzAy
MDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc0LjQvdGG
0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIzMDMyMTE1MDA0NloXDTM4MDMyMTE1
MDA0NlowggFXMSAwHgYJKoZIhvcNAQkBFhF1Y19ma0Byb3NrYXpuYS5ydTEYMBYG
A1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYFKoUDZAQSCjc3MTA1Njg3NjAxGDAW
BgUqhQNkARINMTA0Nzc5NzAxOTgzMDFgMF4GA1UECQxX0JHQvtC70YzRiNC+0Lkg
0JfQu9Cw0YLQvtGD0YHRgtC40L3RgdC60LjQuSDQv9C10YDQtdGD0LvQvtC6LCDQ
tC4gNiwg0YHRgtGA0L7QtdC90LjQtSAxMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQ
stCwMQswCQYDVQQGEwJSVTEuMCwGA1UECgwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDEuMCwGA1UEAwwl0JrQsNC30L3QsNGH0LXQudGB0YLQ
stC+INCg0L7RgdGB0LjQuDBmMB8GCCqFAwcBAQEBMBMGByqFAwICIwEGCCqFAwcB
AQICA0MABEDXEq6/rdBt57hEfc8TK5HVKSr91hfJSwIAg6sxXCXQplXwFuhEtCG6
1s/wLwi6+6YUk3gXdQxUgcVazQT7+CRPo4IEYjCCBF4wEgYDVR0TAQH/BAgwBgEB
/wIBADCBlAYFKoUDZG8EgYoMgYfQn9GA0L7Qs9GA0LDQvNC80L3Qvi3QsNC/0L/Q
sNGA0LDRgtC90YvQuSDQutC+0LzQv9C70LXQutGBIFZpUE5ldCBQS0kgU2Vydmlj
ZSAo0L3QsCDQsNC/0L/QsNGA0LDRgtC90L7QuSDQv9C70LDRgtGE0L7RgNC80LUg
SFNNIDIwMDBRMikwDgYDVR0PAQH/BAQDAgHGMCcGA1UdIAQgMB4wCAYGKoUDZHEB
MAgGBiqFA2RxAjAIBgYqhQNkcQMwDAYFKoUDZHIEAwIBATCCAX0GA1UdIwSCAXQw
ggFwgBTJE1ixTKdiOn7SPzym5xR8nXCjhqGCAUOkggE/MIIBOzEhMB8GCSqGSIb3
DQEJARYSZGl0QGRpZ2l0YWwuZ292LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwP
Nzcg0JzQvtGB0LrQstCwMRkwFwYDVQQHDBDQsy4g0JzQvtGB0LrQstCwMVMwUQYD
VQQJDErQn9GA0LXRgdC90LXQvdGB0LrQsNGPINC90LDQsdC10YDQtdC20L3QsNGP
LCDQtNC+0LwgMTAsINGB0YLRgNC+0LXQvdC40LUgMjEmMCQGA1UECgwd0JzQuNC9
0YbQuNGE0YDRiyDQoNC+0YHRgdC40LgxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcw
MTEVMBMGBSqFA2QEEgo3NzEwNDc0Mzc1MSYwJAYDVQQDDB3QnNC40L3RhtC40YTR
gNGLINCg0L7RgdGB0LjQuIIRAJUfo0d8YQQ6rfqFhieCNEIwHQYDVR0OBBYEFKcL
lShvn+RLilGAsoUfiUr85/CcMIGPBgNVHR8EgYcwgYQwKqAooCaGJGh0dHA6Ly9y
ZWVzdHItcGtpLnJ1L2NkcC9ndWMyMDIyLmNybDAqoCigJoYkaHR0cDovL2NvbXBh
bnkucnQucnUvY2RwL2d1YzIwMjIuY3JsMCqgKKAmhiRodHRwOi8vcm9zdGVsZWNv
bS5ydS9jZHAvZ3VjMjAyMi5jcmwwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzAC
hiRodHRwOi8vcmVlc3RyLXBraS5ydS9jZHAvZ3VjMjAyMi5jcnQwgfUGBSqFA2Rw
BIHrMIHoDDTQn9CQ0JrQnCDCq9Ca0YDQuNC/0YLQvtCf0YDQviBIU03CuyDQstC1
0YDRgdC40LggMi4wDEPQn9CQ0JogwqvQk9C+0LvQvtCy0L3QvtC5INGD0LTQvtGB
0YLQvtCy0LXRgNGP0Y7RidC40Lkg0YbQtdC90YLRgMK7DDXQl9Cw0LrQu9GO0YfQ
tdC90LjQtSDihJYgMTQ5LzMvMi8yLzIzINC+0YIgMDIuMDMuMjAxOAw00JfQsNC6
0LvRjtGH0LXQvdC40LUg4oSWIDE0OS83LzYtNDQ5INC+0YIgMzAuMTIuMjAyMTAK
BggqhQMHAQEDAgNBAEBF8rrvU4EpQUJC3TIKaN75aaXHRXB/eiFLU985lDoc0C+N
Ht8gDKwf+nYgpohn7KVhpHPPCgTLsJh6aHxY3HA=
-----END CERTIFICATE-----
------------------
ASN.1Cert, length=1365
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
95:1f:a3:47:7c:61:04:3a:ad:fa:85:86:27:82:34:42
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Issuer: emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Validity
Not Before: Jan 8 13:32:39 2022 GMT
Not After : Jan 8 13:32:39 2040 GMT
Subject: emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
Subject Public Key Info:
Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
Public key:
X:DDFC283E51F6E01AAF8F7F83BFAB16DF6E33F6BC76BF5A8C0B8F6B1DA46B4A5A
Y:8E40EAA6F495DB554F1B5AEC630C4368EEA22F99206AF749196EADE3C247F46E
Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
X509v3 extensions:
Signing Tool of Issuer:
signTool : ПАКМ «КриптоПро HSM» версии 2.0
cATool : ПАК «Головной удостоверяющий центр»
signToolCert: Заключение № 149/3/2/2/23 от 02.03.2018
cAToolCert : Заключение № 149/7/6-449 от 30.12.2021
Signing Tool of Subject:
ПАКМ «КриптоПро HSM» версии 2.0
1.2.643.100.114:
...
X509v3 Certificate Policies:
Policy: Class of Signing Tool KC1
Policy: Class of Signing Tool KC2
Policy: Class of Signing Tool KC3
Policy: Class of Signing Tool KB1
Policy: Class of Signing Tool KB2
Policy: X509v3 Any Policy
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
C9:13:58:B1:4C:A7:62:3A:7E:D2:3F:3C:A6:E7:14:7C:9D:70:A3:86
Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
Signature Value:
82:49:78:48:0a:0d:d2:67:f4:d3:0a:d4:49:a4:11:6e:5c:64:
b2:dc:f7:99:4c:47:8e:c1:d3:87:22:fd:2d:5a:23:76:ab:49:
8f:47:30:7f:a3:aa:fd:31:78:c6:a9:dc:df:60:6b:42:ae:ad:
65:e4:5b:17:64:e2:39:73:fd:92
-----BEGIN CERTIFICATE-----
MIIFUTCCBP6gAwIBAgIRAJUfo0d8YQQ6rfqFhieCNEIwCgYIKoUDBwEBAwIwggE7
MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3YucnUxCzAJBgNVBAYTAlJV
MRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNVBAcMENCzLiDQnNC+0YHQ
utCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQutCw0Y8g0L3QsNCx0LXR
gNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7QtdC90LjQtSAyMSYwJAYD
VQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQuDEYMBYGBSqFA2QBEg0x
MDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQzNzUxJjAkBgNVBAMMHdCc
0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MB4XDTIyMDEwODEzMzIzOVoXDTQw
MDEwODEzMzIzOVowggE7MSEwHwYJKoZIhvcNAQkBFhJkaXRAZGlnaXRhbC5nb3Yu
cnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxGTAXBgNV
BAcMENCzLiDQnNC+0YHQutCy0LAxUzBRBgNVBAkMStCf0YDQtdGB0L3QtdC90YHQ
utCw0Y8g0L3QsNCx0LXRgNC10LbQvdCw0Y8sINC00L7QvCAxMCwg0YHRgtGA0L7Q
tdC90LjQtSAyMSYwJAYDVQQKDB3QnNC40L3RhtC40YTRgNGLINCg0L7RgdGB0LjQ
uDEYMBYGBSqFA2QBEg0xMDQ3NzAyMDI2NzAxMRUwEwYFKoUDZAQSCjc3MTA0NzQz
NzUxJjAkBgNVBAMMHdCc0LjQvdGG0LjRhNGA0Ysg0KDQvtGB0YHQuNC4MGYwHwYI
KoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIDQwAEQFpKa6Qda48LjFq/drz2
M27fFqu/g3+Prxrg9lE+KPzdbvRHwuOtbhlJ92ogmS+i7mhDDGPsWhtPVduV9Kbq
QI6jggHQMIIBzDCB9QYFKoUDZHAEgeswgegMNNCf0JDQmtCcIMKr0JrRgNC40L/R
gtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAMQ9Cf0JDQmiDCq9CT0L7Q
u9C+0LLQvdC+0Lkg0YPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3R
gtGAwrsMNdCX0LDQutC70Y7Rh9C10L3QuNC1IOKEliAxNDkvMy8yLzIvMjMg0L7R
giAwMi4wMy4yMDE4DDTQl9Cw0LrQu9GO0YfQtdC90LjQtSDihJYgMTQ5LzcvNi00
NDkg0L7RgiAzMC4xMi4yMDIxMD8GBSqFA2RvBDYMNNCf0JDQmtCcIMKr0JrRgNC4
0L/RgtC+0J/RgNC+IEhTTcK7INCy0LXRgNGB0LjQuCAyLjAwDAYFKoUDZHIEAwIB
ADBDBgNVHSAEPDA6MAgGBiqFA2RxATAIBgYqhQNkcQIwCAYGKoUDZHEDMAgGBiqF
A2RxBDAIBgYqhQNkcQUwBgYEVR0gADAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
BAUwAwEB/zAdBgNVHQ4EFgQUyRNYsUynYjp+0j88pucUfJ1wo4YwCgYIKoUDBwEB
AwIDQQCCSXhICg3SZ/TTCtRJpBFuXGSy3PeZTEeOwdOHIv0tWiN2q0mPRzB/o6r9
MXjGqdzfYGtCrq1l5FsXZOI5c/2S
-----END CERTIFICATE-----
------------------
depth=2 emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify error:num=19:self-signed certificate in certificate chain
verify return:1
depth=2 emailAddress = [email protected], C = RU, ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = "\D0\9F\D1\80\D0\B5\D1\81\D0\BD\D0\B5\D0\BD\D1\81\D0\BA\D0\B0\D1\8F \D0\BD\D0\B0\D0\B1\D0\B5\D1\80\D0\B5\D0\B6\D0\BD\D0\B0\D1\8F, \D0\B4\D0\BE\D0\BC 10, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 2", O = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, OGRN = 1047702026701, 1.2.643.100.4 = 7710474375, CN = \D0\9C\D0\B8\D0\BD\D1\86\D0\B8\D1\84\D1\80\D1\8B \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=1 emailAddress = [email protected], ST = 77 \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, 1.2.643.100.4 = 7710568760, OGRN = 1047797019830, street = "\D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA, \D0\B4. 6, \D1\81\D1\82\D1\80\D0\BE\D0\B5\D0\BD\D0\B8\D0\B5 1", L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, C = RU, O = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8, CN = \D0\9A\D0\B0\D0\B7\D0\BD\D0\B0\D1\87\D0\B5\D0\B9\D1\81\D1\82\D0\B2\D0\BE \D0\A0\D0\BE\D1\81\D1\81\D0\B8\D0\B8
verify return:1
depth=0 C = RU, ST = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, street = \D0\91\D0\BE\D0\BB\D1\8C\D1\88\D0\BE\D0\B9 \D0\97\D0\BB\D0\B0\D1\82\D0\BE\D1\83\D1\81\D1\82\D0\B8\D0\BD\D1\81\D0\BA\D0\B8\D0\B9 \D0\BF\D0\B5\D1\80\D0\B5\D1\83\D0\BB\D0\BE\D0\BA \D0\B4\D0\BE\D0\BC 6 \D1\81\D1\82\D1\80.1, L = \D0\B3. \D0\9C\D0\BE\D1\81\D0\BA\D0\B2\D0\B0, O = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E, OGRN = 1047797019830, 1.2.643.100.4 = 7710568760, emailAddress = [email protected], CN = \D0\A4\D0\95\D0\94\D0\95\D0\A0\D0\90\D0\9B\D0\AC\D0\9D\D0\9E\D0\95 \D0\9A\D0\90\D0\97\D0\9D\D0\90\D0\A7\D0\95\D0\99\D0\A1\D0\A2\D0\92\D0\9E
verify return:1
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 57
CertificateRequest, Length=45
certificate_types (len=4)
UNKNOWN (21)
UNKNOWN (22)
UNKNOWN (238)
UNKNOWN (239)
signature_algorithms (len=36)
rsa_pkcs1_sha512 (0x0601)
dsa_sha512 (0x0602)
ecdsa_secp521r1_sha512 (0x0603)
rsa_pkcs1_sha384 (0x0501)
dsa_sha384 (0x0502)
ecdsa_secp384r1_sha384 (0x0503)
rsa_pkcs1_sha256 (0x0401)
dsa_sha256 (0x0402)
ecdsa_secp256r1_sha256 (0x0403)
rsa_pkcs1_sha224 (0x0301)
dsa_sha224 (0x0302)
ecdsa_sha224 (0x0303)
rsa_pkcs1_sha1 (0x0201)
dsa_sha1 (0x0202)
ecdsa_sha1 (0x0203)
gost2001_gost94 (0xeded)
gost2012_256 (0xeeee)
gost2012_512 (0xefef)
certificate_authorities (len=0)
ServerHelloDone, Length=0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 11
Certificate, Length=3
certificate_list, length=0
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 183
ClientKeyExchange, Length=175
KeyExchangeAlgorithm=GOST
GostKeyTransportBlob (len=175): 3081AC3081A9302804209B5AF432B0712F93FE40EE638324A777C3EEC8CFF5EAABBA090072DE5FEC0FF804049C5063ADA07D06092A8503070102050101A066301F06082A85030701010101301306072A85030202240006082A8503070101020203430004409C0932046C4DE2696A97B20DE42F2D3CA6ADE708F52FCD6ABE1CCFE9DF596EF2E8D4DF6DAB06E3790048206D0917CCC51EC8C252CA1401209027EB7754CB22FA0408ED1F9FCE4B7B7B23
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ChangeCipherSpec (20)
Length = 5
change_cipher_spec (1)
Sent Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 20
Finished, Length=12
verify_data (len=12): B371A8D92D32001E2F7A14E5
Received Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Alert (21)
Length = 6
Level=fatal(2), description=handshake failure(40)
4097656D097D0000:error:0A000410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1599:SSL alert number 40
В браузере Yandex в качестве ключа через plug-in cryptopro выступает файл на диске .cer
Есть ли пути решения данной проблемы и если да то в каком направлении искать решение?
Заранее спасибо за ответ
The text was updated successfully, but these errors were encountered:
Добрый день.
Пытаюсь наладить работу с сервисом отдачи дотументов сайта госзакупок.
Если я отправляю запрос на корень сайта (где не идет проверка цифровой подписи), то все рабаотает
Если я начинаю отправлять запросы на адрес, где идет проверка элекстронной цифровой подписи, то работать перестает и я не знаю как подступится к решению.
На windows + yandex браузер все работает
Вот кусок из Wireshark
Тут я обратил внимание на неизвестный шифр
Cipher Suite: Unknown (0xff85)который сайт и браузер выбирают для общенияА тот же запрос через openssh заказчивается неудачей
В браузере Yandex в качестве ключа через plug-in cryptopro выступает файл на диске
.cerЕсть ли пути решения данной проблемы и если да то в каком направлении искать решение?
Заранее спасибо за ответ
The text was updated successfully, but these errors were encountered: