Digital Signature
Files are signed exclusively on the local computer where the digital signature is set up. Therefore, to enable file signing, you need to configure the environment on your computer. Once everything is set up correctly, the "Settings" - "Digital Signature" section will display the available certificates. Certificates that won't be used in DiMaker can be disabled.
System Requirements
Windows 10 or 11
CryptoPRO with an active license
DiMaker Signtool application
Broadband internet access
Installed certificate (either in the certificate store or on an external device)
Hibernate and sleep modes disabled (if a large number of files are planned for signing)
CryptoPRO
Files are signed using standard CryptoPRO tools. Therefore, to sign files, you need to download and set up the environment for its operation. Typically, the CryptoPRO CSP license is provided along with the digital signature certificate. If not, you'll need to manually download, install, and purchase a CryptoPRO CSP license.
DiMaker Signtool
The DiMaker Signtool application ensures file signing. This application operates under the DiMaker server. It retrieves the list of certificates, downloads files, signs them via CryptoPRO, and then returns them to the server. The application does not access private keys of certificates and does not send any data to the DiMaker server other than the signed files and the list of available certificates on the local machine.
You can download the application via this link:
gramotadel_signtool_1_0_00.zip
Then extract the archive to any folder and run the signtool.exe application.
Currently, the application does not have an installer and can be launched directly after extraction.
To authorize the application, go to “Settings” - “Digital Signature,” click “Connect Application,” and then enter the six-digit code from the DiMaker Signtool window. The connection will be established within a few seconds, and the settings will display the list of available certificates.
Security
The solution used in DiMaker ensures the absolute security of the file-signing process. The digital signature is stored exclusively on the local computer and is never transmitted over the network. The prepared file is downloaded from the DiMaker server, signed with the standard CryptoPRO CSP tools, and then returned to the server. To stop the signing process, simply close the application or disable it in the digital signature settings in DiMaker.
Broadband Access
Since digital signing is performed exclusively on the local machine, the signing speed depends on the internet speed of that machine. Additionally, keep in mind that the traffic used will be double the size of the files (downloading and uploading). If there are a large number of files, it's advisable to disable sleep and hibernate modes to ensure all files in the queue are signed. Typically, signing each file takes 3-5 seconds.
Qualified Certificate (QES)
To sign files, you'll need a qualified certificate (QES) issued to an individual, a sole proprietor, or a legal entity, and provided by any accredited certification authority under the Russian Ministry of Digital Development. We recommend using the Contour Certification Authority.