19
June
2023
Unofficial installation instructions forromium-Gost in linux
12:05

Unofficial installation instructions forromium-Gost in linux

19 June 2023 12:05

Web browser Chromium-GOST serves to view websites using cryptography GOST R 34.10-2012.

Installation Chroimum-Gost in Linux OS

1) In the browser, open the address https://github.com/deemru/Chromium-GOST

2) Scroll the page down and click the link " download ".
Chromium-gost-downloaD.

3) From the Assets section, download the file corresponding to the version of the operating system:
\. Deb - for Debian, Ubuntu, Linux Mint
\. RPM - For Fedora Linux, CentOS и т.д.
Chromium-gost-dl

4) After loading, close the browser (get out of it).

5) delete the package chromium, если он был установлен, так как он конфликтует с пакетом chromium-gost-staBle 

sudo apt remove chromium

6) remove label label (desktop-файл) старой программы chromium

rm ~/.local/share/applications/chromium-browser.deskTop

7) In the conductor in the "Downloads" or "loading" folder with a double mouse click, start the installation of the program package.

8) for installation chromium-GOST click "install a package" .

Chromium-browser-deskTop

The label for launching the application is located in the Start - Internet menu section, has the name "chromium-Gost ".

Note: To work with sites using cryptographic protection TLS only browser chroimum-GOST may turn out to be DENTUTUTURE. To turn on the encryption according to GOST, you need to be loaded to install with Site C.ryptopro.ru и установить дополнительные компоненты.

Linux adjustment to enable GOST encryption

To work on the sites of the Russian Federation with encryption of GOST, it is necessary to install the components:

    1. Crypto -provider Cryptopro CSP (ознакомительная версия на 90 дней, платный) - скачать linux-amd64_deb.tgz, распаковать архив, запустить командный файл sudo sh install_gui.sh. Settings of the master - by default (click "Next"). The item "Copy root certificates from the OS to the cryptopr" does not need to be selected.

  2. Package CProcsp-pki-cades from the plugin archive (see paragraph 3).

    1. Package CProcsp-pkI-Plugin Cades - plugin ("КриптоПРО браузер плагин" - бесплатный)

  4. 4.RUSSI root certificatean TrUsted Root Ca
    openssl x509 -in rootca_ssl_rsa2022.cer -out rootca.cer -outform PEM
    sudo cp rootca.cer /usr/local/share/ca-certificates/ && sudo update-ca-certificates -V

  5. 5.The root certificate of the Ministry of Communications - the main certifying center GOST R 34.10-2012
    openssl x509 -inform der -outform pem -in guts_2012.cer -out guts2012.cer
    sudo cp guts2012.cer /usr/local/share/ca-certificates/ && sudo update-ca-certificates -V

  6. 7.The root certificate of the Ministry of Cyphra - the main certifying center 2022 GUTS_2022.cer
    openssl x509 -inform der -outform pem -in Kornevoy_sertifikat_GUTS_2022.CER -out guts.cer
    sudo cp guts.cer /usr/local/share/ca-certificates/ && sudo update-ca-certificates -V

  7. 7.The root certificate of the Federal Treasury
    openssl x509 -in Sertifikat-udostoveryayushchego-tsentra-Federalnogo-kaznacheystva-2023.CER -out fed.cer -outform PEM
    sudo cp fed.cer /usr/local/share/ca-certificates/ && sudo update-ca-certificates -V

  8. 7.Plugin of public services IFCPlugin-x86_64.deb

  9. Personal certificate of an individual or legal entity established in cryptoprop

  10. Certificate of a certification center that issued a certificate of physical. / yur. face.
    openssl x509 -in tensorca-2023_gost2012.cer -out tensor.cer -outform PEM
    sudo cp tensor.cer /usr/local/share/ca-certificates/ && sudo update-ca-certificates -V

TLS encryption checking by GOST

Test page - "State Services" :https: // gosuslugi.ru/
Cm. Properties of safe connection: Safe connection - actual certificate .

  • If the actual Globalsign RSA OV SSL CA certificate, then the client browser does not support GOST TLS;

  • If the actual certificate from the Russian Ministry of Council (issued by the Ministry of Communications of Russia), then the browser supports and uses GOST TLS.

    Cryptography GOST

If necessary, removal chromium-Gost in Ubuntu or Linux Mint can be made of the terminal:

sudo dpkg -r chromium-gost-staBle

To remove the cryptopro, start again Sudo SH Install_gui.sh and select the removal. After removing the cryptopr, encryption of TLS in accordance with GOST will become inaccessible.

Cryptation of GOST without cryptopopr does not work!



Related publications

Languages

Theme

RSS feeds

Atom 1.0 RSS

Popular tags

Random post

I'll be lucky!

Archive of posts

Search on Site

Weather forecast