What software products are supported by the 1c signature service. New law on electronic signature. Terms and Definitions

A convenient way to get a qualified certificate electronic signature for the exchange of legally significant electronic documents directly in the 1C program at an affordable price

1C: Signature is an easy way to prepare and send an application for the issuance of a qualified electronic signature certificate from the certification center of OOO NPTs 1C. Product 1C: Signature is recommended to be purchased and used by those users of 1C software who want to switch to legally significant electronic document turnover (EDF) with its counterparties, but does not yet have a qualified certificate for this, or the number of employees using an electronic signature certificate for EDF needs to be increased. A certificate obtained using 1C: Signature is not intended for sending regulated reports to regulatory authorities in in electronic format through telecommunication channels and to participate in bidding on federal and commercial electronic trading platforms.

The service that 1C: Signature refers to to obtain an electronic signature certificate is available 24 * 7 around the clock, seven days a week and on holidays.

Service benefits Signature

Conditions of receipt / Instructions

To use the 1C: Signature product, you must:

  • Connect the software product with integrated developer tools "1C: Library of Standard Subsystems" version 2.3.2 and higher (Enterprise Accounting, version 3.0) to the official support.
  • Have a valid contract for information technology support (1C: ITS) with a 1C partner or purchase one of the service packages:
    - "StartEDO";
    - "1C: Signature".

Instructions

Programs in which the service is implemented

Currently, the 1C: Signature product is available to users following programs:
- "1C: Accounting 8", version 3.0, starting with release 3.0.37;
- "1C: Accounting of a State Institution", version 2.0, starting with release 2.0.29;
- "1C: Retail", revision 2.1, starting with release 2.1.5;
- "1C: Trade Management", edition 11, starting with release 11.1.10;
- "1C: ERP Enterprise Management", version 2.0, starting with release 2.0.10;
- "1C: Holding Management", version 1.2 and higher;
- "1C: Management of our company", revision 1.6 and higher;
- "1C: Client EDO 8", rev. 2.0

How to get an electronic signature certificate using 1C: Signature

Terms and Definitions

1C: Signature - provides filling out an application for registration of a qualified certificate of a key for checking an electronic signature in the 1C Certification Center, obtaining and installing a certificate on the user's computer.

Electronic Signature Verification Key Certificate (ECC) is an electronic document confirming the correspondence between the public key and information identifying the owner of the key. Contains information about the owner of the key, information about the public key, its purpose and scope

Application - an electronic document generated by the user in the 1C software, including a set of details required to generate a qualified certificate of the electronic signature verification key. A request for a certificate in PKCS # 10 format, which is generated in the process of preparing an application and an electronic signature key, must be attached to the application (automatically by means of the application preparation wizard).

Application - a paper document signed by the legal representative of the organization, including the details to be indicated in the UPC and in the register of issued certificates (in accordance with the requirements of the legislation of the Russian Federation), an agreement on accession to the Certification Authority Regulations.

Application preparation wizard - a component of the 1C: Signature software product, designed to prepare an application in a step-by-step mode.

Crypto provider is a program that implements cryptographic algorithms for performing an electronic signature.

Configuring a Crypto Provider

To support working with qualified certificates in MS Windows, you need to obtain and install on your PC an up-to-date version of a certified encryption provider. Currently, work with the following programs is supported:

  • ViPNet CSP
  • CryptoPro CSP

Installation and configuration of encryption providers is carried out in accordance with the technical documentation for these products.

In the infobase settings, you must specify the installed encryption provider; for this, go to Electronic Signature and Encryption Settings


to the "Programs" tab and click the "Add" button.


Select the encryption provider installed in your system from the list and click the "Save and close" button.

Launching the Wizard

To start the wizard for preparing an application for the UPC, you need to go to the "Certificates" tab, click the "Add" button and select the "Application for the issuance of a certificate" item.


Preparation of an application for the issuance of a new qualified certificate

Agreement on accession to the Regulations of the Certification Authority

At the first step of the Application Preparation Wizard, it is necessary to accept the Agreement on accession to the Regulations of the Certification Authority. You can print it if necessary.

The transition to the next step here and in subsequent steps is carried out by pressing the "Next" button.

Filling in the details of the organization

Fill in the details of the organization for which you are ordering a qualified certificate. The data can be filled in manually or selected from the directory of organizations.


When you go to the next step, the details are checked for errors. If they are found, a corresponding warning will be issued.

Specifying the data of the representative of the organization

The qualified certificate of the key for verifying the electronic signature of the organization is issued to an authorized official. It is necessary to indicate his data, which will be entered in the UPC and the register of qualified certificates of the Certification Authority.


Creation of an electronic signature key

After proceeding to this step, carefully check the specified information and select the encryption provider configured in Section 3 of this Guide.

After completing this procedure, the status of the application will change to "Prepared".

Preparation of a set of application documents and sending an application to 1C: Signature

To print a statement, enter the data official who will sign it. Give the prepared set of documents to an authorized representative of your service organization.

To automatically attach your application to the personal account of the service organization, indicate its TIN / KPP or select an organization from the directory of counterparties. This will shorten the time for consideration of your application.


  • The application is made by a registered user of PP 1C. If necessary, at the time of sending, it will be offered to connect the software product to the Internet user support, for which you need to enter the login and password that you use on the users.v8.1c.ru website.
  • At the time of sending the application for processing, an ITS contract must be concluded with the organization serving you or one of the service packages must be connected (StartEDO or 1C: Signature). If this condition is not met, then such an application is automatically rejected and information about this is displayed at the next status update. To resolve this issue, we recommend contacting the organization serving you.

If these conditions are met, you will receive the message “Application accepted for processing” and the status of the application will change to “Sent”.

Checking the status of the application and installing the certificate in the container

To check the current status of the submitted application, select it on the "Certificates" tab in the Electronic Signature and Encryption Settings and click "Change" (F2) in the context menu. By pressing the button "Update status" you can update its status.

Upon completion of the processing of the application, the certificate will be received and to install it into the container, click the "Install certificate" button. As a result, the status of the application will change to “Executed”.


Prices for 1C: Signature service

Product 1C: Signature is sold to users applied solutions 1C: Enterprises 1C partners at the recommended retail price of 600 rubles.
Product 1C: Signature is included in the 1C: ITS contract of the PROF level and in the StarEDO and 1C: Signature service packages.
These tariffs include the cost of one license for 1C: Signature for issuing a qualified certificate. This license can be used at no additional charge during the term of the tariff, but no more than 1 time during the year.

A qualified electronic signature gives legal force to electronic documents. 1C: Signature is a convenient service for accountants and managers who want to switch to electronic document management with their suppliers and customers, with other contractors. The ProfExpert company is ready to advise you on the organization electronic document management and connecting the 1C Signature service.

The certificate provided by 1C: Signature cannot be used to send regulated reports to regulatory authorities in electronic form via the Internet. To participate in auctions on federal and commercial electronic trading platforms 1C: Signature is also not suitable. For the above purposes, we recommend that you use the 1C-Reporting service, which can be connected with our help.

1C: Signature- creates and fills in an application for registration of a qualified certificate of the electronic signature verification key in the 1C Certification Center, and further receipt and installation of the certificate on the user's computer.

1C: Signature- it is necessary for the exchange between enterprises of legally significant financial documents (invoices, reconciliation statements, etc.) in the 1C: Electronic Document Management system (1C: EDM).

Advantages of installing "1C: Signature":

  • Speed. The preparation of documents for the registration of a qualified certificate of the electronic signature verification key is available directly on your work computer in your 1C program;
  • Security. The key in 1C Signature is created at your workplace, which eliminates the leakage of confidential or commercial information.
  • Convenience. You do not need to undergo special training to use 1c Signature, because the preparation and sending of the application is carried out in a special Assistant using step-by-step instructions.

The capabilities of the "1C: Signature" product are available to users of the following software solutions:

Service 1C: Signature helps users of 1C products to prepare and send packages of electronic documents automatically. This can be done at any time of the day and on any day of the week, without weekends and holidays.

In the future, it is planned to expand the list of 1C products, where 1C: Signature will be available. "

The purchased 1C Signature license is valid for 1 year.

Service cost 1C Signature

Product 1C: Signature is sold to users of 1C: Enterprise applied solutions by 1C partners at the recommended retail price 600 rubles.

Product 1C: Signature is included in the StartEDO service package.

Users with current treaty 1C: ITS of the PROF level is provided at no additional cost, a trial license for 1C: Signature for issuing a qualified certificate. This trial license can be used during the validity period of the 1C: ITS contract, but no more than 1 time per year.

In April of this year (from the date of publication in " Russian newspaper"- 04/08/2011) entered into force Federal Law of 06.04.2011 N 63-FZ "On Electronic Signature"(hereinafter referred to as the Law on Electronic Signature). The need for this document is due to the fact that the provisions of the current Federal Law of 10.01.2002 N 1-ФЗ "On Electronic Digital Signatures" (hereinafter referred to as the Law on Electronic Signatures) do not correspond to the modern principles of regulating electronic signatures in force in European states... (Recall that we mentioned some of the provisions of the Law on EDS in the article "Electronic digital signature- reality dictated by time. ") So, today the legislation allows the use of only one type of electronic signature (based on the technology of asymmetric signature keys), which makes a hierarchical system of certification centers necessary. that are not civil law transactions, electronic signature of legal entities is not allowed.The law on digital signature is not coordinated with other legislative acts of the Russian Federation, including licensing certain types activities and technical regulation.

The Electronic Signature Law addresses these shortcomings.

Without going into the details of the Electronic Signature Law, we will focus only on some of its points.

For your information. The Law on Electronic Signatures will become invalid from 01.07.2012 (Article 20 of the Law on Electronic Signatures).

So, first of all, I would like to note that the new regulatory act is an important step towards paperless business management (you must admit that paperwork takes a lot of time). Now, along with the traditional signature on paper, all legal entities and individuals are allowed to issue electronic signatures intended for use in electronic documents.

For your information. It is expected that the portal of state services will accept the electronic signature. Through it, legal entities will be able to submit tax returns, documents to the Pension Fund of the Russian Federation, Rosstat and other departments. (For these purposes, in addition to " personal account" for individuals, there will be a similar function for legal entities.) This service will be paid, its price will depend on the cost of digital media.
The mechanism of action of electronic signatures begins to be implemented in Moscow since May, and since mid-summer - in another 80 regions of the country.

By the way, about electronic signatures - the Law on Electronic Signatures (Art. 2) defines this concept, which enshrines the main feature inherent in all types of electronic signatures - the ability to use a signature to identify an individual or legal entity who signed information in electronic form. (Electronic signature - information in electronic form that is attached to other information in electronic form (signed information) or otherwise associated with such information and which is used to identify the person signing the information.)
At the same time, two types of electronic signatures are distinguished (depending on the criteria established by the Law) - simple(which, through the use of codes, passwords or other means, confirms the fact of the formation of an electronic signature by a certain person) and reinforced(Article 5 of the Law on Electronic Signature). The latter, in turn, is subdivided into unskilled and skilled.
Unqualified electronic signature is an electronic signature that is obtained as a result of cryptographic transformation of information using the signature key; allows you to identify the person who signed the electronic document; makes it possible to detect the fact of making changes to an electronic document after signing it; created using means of electronic signature.
Electronic documents signed with a simple or unqualified electronic signature are recognized as equivalent to signed paper documents in cases established by federal laws, adopted in accordance with them by regulatory legal acts or by an agreement between the participants electronic interaction(part 2 of article 6 of the Law on electronic signature). Moreover, if a document must be certified by a seal, an electronic document signed with an enhanced electronic signature is recognized as equivalent to a document on hard copy signed with his own hand and certified by the seal.
Now let's say a few words about qualified electronic signature- such one corresponds to all the signs of an unqualified electronic signature. In addition, the key for its verification is specified in the qualified certificate, and for its creation and verification, electronic signature tools are used that have received confirmation of compliance with the requirements established by this Federal Law.
Information signed with a qualified electronic signature is recognized as an electronic document that is equivalent to a paper document signed with a handwritten signature, unless the legislation establishes the need to draw up a document exclusively on paper (Article 6 of the Law on Electronic Signature). For business, the introduction of such a signature (with an expanded scope) is a big plus. According to the Law, it will be accepted without restrictions in all information systems, whereas before, a signature was issued for each of them.

For your information. An electronic document signed with an electronic digital signature before the date of invalidation of the Law on EDS is recognized as an electronic document signed with a qualified electronic signature in accordance with the Law on Electronic Signature (Article 19 of the Law on Electronic Signature).

Responsibility for issuing electronic signatures will be certification centers(Art. 13 of the Law on Electronic Signature), the work of which is regulated by the authorized federal bodies. It is the certification authorities that will issue signature keys, signature verification keys, and verification key certificates.
In accordance with Part 2 of Art. 14 of the Law on Electronic Signature, the certificate of the electronic signature verification key must contain the following information:
- the start and end dates of its validity (note, the Law does not specify what exactly this period will be);
- last name, first name and patronymic (if any) - for individuals, name and location - for legal entities or other information that allows you to identify the owner of the certificate of the electronic signature verification key;
- electronic signature verification key;
- the name of the electronic signature tool used and (or) standards, the requirements of which correspond to the electronic signature key and the electronic signature verification key;
- the name of the certification center that issued the certificate of the electronic signature verification key;
- other information provided for by Part 2 of Art. 17 of the Law on Electronic Signature (for a qualified certificate).

For your information. Signature key certificates issued in accordance with the Law on Electronic Signatures are recognized as qualified certificates in accordance with the Law on Electronic Signatures (Article 19 of the Law on Electronic Signatures).

In addition, the Electronic Signature Law regulates:
- verification of electronic signatures;
- provision of services of certification centers;
- accreditation of certification centers.
Let us dwell in a little more detail on the requirements for certification centers in order to accredit them: among such requirements is the size net assets certification center, the availability of financial support, the use of electronic signatures and technical means a certification center that have received confirmation of the established requirements, as well as the presence of employees with appropriate education and qualifications. The certification authority must ensure compliance with these requirements during the entire period of accreditation (Articles 15 and 16 of the Law on Electronic Signatures).

For your information. The rules for the accreditation of certification centers are established by the federal executive body responsible for the development and implementation of state policy and legal regulation in the field information technologies.

The law on electronic signature establishes the rights and obligations of the parties to relations in the field of using electronic signatures. These include federal body executive power, authorized in the field of electronic signature, certification center ( entity, structural subdivision legal entity or individual entrepreneur engaged in the creation and issuance of signature key certificates) and the owner of the signature key certificate (an individual or legal entity to whom the signature key certificate was issued).
The list of information to be stored in the certification center has been determined. This includes all the data allowing, if necessary, to carry out operational-search activities.
It should also be said that the adoption of the Law on Electronic Signatures entailed the introduction of appropriate amendments to certain legislative acts of the Russian Federation. In this regard, the Federal Law of 06.04.2011 N 65-FZ was adopted.
The specified regulation amendments are being made to the Civil Code, the Arbitration Procedure Code, Federal Law of 27.07.2006 N 149-FZ "On Information, Information Technologies and the Protection of Information" and other legislative acts.
In particular, it was established that electronic documents signed with an electronic signature are considered within the framework of the regulated by the specified Federal laws relations on a par with paper documents signed with a handwritten signature, taking into account the rules on the equivalence of electronic and paper documents established by the Law on Electronic Signatures. At the same time, the rules established by the Codes in relation to facsimile reproduction of a signature on paper by means of mechanical or other copying are preserved.

Recently, a friend urgently needed to sign one EDS file. EDS was issued by government agencies, but the company did not have a program for signing files. I was just at that time experimenting with EDS in 1s and quickly wrote this program. To my regret, it didn’t work to test it on a live example - there was a demo version of a paid program, through which we signed.

Nevertheless, I combed the program, checked it on self-signed certificates.

Processing can work with both certificates from containers and certificates from files. If no certificate file is specified, then the certificate from the container is used.

The list of cryptography modules already contains:

    Microsoft Enhanced Cryptographic Provider v1.0

    Microsoft Enhanced RSA and AES Cryptographic Provider

You can add any other module if you want.

When you click the Sign button, a signature file with the same name and p7s extension appears next to the original file.

The signature can be verified from the same processing. To do this, it is enough to indicate the file that was signed.

If the signed file is changed after the signature, the signature will become invalid.

The signature is verified by other programs. For example, CryptoARM (http://cryptoarm.ru/).

There is no trust in the certificate because I signed with a certificate that I issued myself.

This article will give specific instructions for installing an EDS in the document management program, including the EDS of CryptoPro for 1C: Document Management. We've also posted a video showing all the steps for you. But first a little about digital signatures in our life.

The world community of information technologies does not stand still, but confidently keeps pace with the times. Today it is difficult to imagine a company in which computers, printers and other office equipment... Century typewriters remained in the past and today almost everyone uses electronic documents instead of paper "Document flow"... And the point is not even that in case of a small mistake made during typing, you have to transfer the paper to waste paper, the most important thing is the time that will be spent on writing a new document.

In electronic form, document flow becomes convenient and quick view transfer of documents. It is enough to save templates, and then only substitute data, change or correct errors. Electronic exchange of documents also does not require paper costs, courier fees, etc.

But with the advent of new technologies, fraudsters also “do not sleep” and try to come up with new ways to deceive. For example, when exchanging electronic documents, unscrupulous partners can change some numbers in the document, and then pass this document off as the original. Just in order to protect ourselves in such cases, various methods of data protection began to be developed and applied. One of the most popular today is the digital signature.

The need for EDS arose when it was necessary to hide important information from prying eyes, and also as a confirmation that the document had not been changed during the time it passed through the communication channels. Mechanism digital signature was created as a side effect of public key cryptographic encryption. As a result of this approach to data encryption, it became possible to use two keys - a secret and a public one.

The secret key it is used for the signature itself and is available only to the author of the information, and the public key is designed to verify the authenticity of the document and, as a rule, is publicly available. To verify the authenticity of the document, the public key, ciphertext and original text are matched with each other. If the results of the check are identical, then the document has not been changed. The cipher text is not available to anyone except the owner of the secret key, and therefore it acts as a guarantor of authenticity and is considered the personal signature of the owner of the key - an electronic digital signature.

Insofar as digital signature is a complete analogue of the handwritten signature of an authorized person on a paper document, such a legally significant document flow has full legal force. A file (document), certified by an electronic signature, guarantees the integrity of documents, their confidentiality, makes it possible to establish the identity of the sender. The use of such a workflow not only reduces the delivery time and financial costs of the company, but also makes the procedure for registration, preparation, storage and accounting of documentation more efficient.

Electronic document flow is as follows: first, the parties agree with each other on the means of digital signature that will be used in the file exchange process. In Russia, the most acceptable and certified is a software or hardware-software complex. After the tool is selected and approved by both parties, the partners generate keys from the private and public keys for each party. In order for the partners to be sure of the authenticity of the EDS, they exchange public keys. This process is necessary to prevent a conflict situation that may arise if one of the partners discovers during verification that the personal signature of the other party did not pass identification. Further, from the original document (file) and its EDS, the electronic document itself is compiled directly. Such a document consists of two parts: a general one, which contains the text of the document itself, and a special one, containing all obligatory digital signature.

Video clip about working with EDS in the "1C: Document Flow" program

The video shows all the processes of connecting an EDS to "1C: Document Flow" from downloading and installing Crypto-Pro to setting up "1C: Document Flow". This video was recorded by our partners. Go to the next page to view.

 

It might be helpful to read: