TLS and GOST protocol protection

Yandex Browser uses the TLS protocols that provide secure data transfer on the Internet. Data transmitted over a secure connection is encrypted and decrypted using the CSP CryptoPro software.

Restriction. Currently, this feature is available only in Windows.
  1. Installing “CryptoPro CSP”
  2. Sites requesting GOST TLS encryption
  3. Enable and disable CryptoPro CSP support by the browser

Installing “CryptoPro CSP”

The laws of the Russian Federation demand that only TLS connections installed according to Russian cryptographic algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.11-94, and GOST R 34.10-2012 are used. Therefore, if you need to visit sites that use the State Standard (GOST) encryption algorithms, you need to install“CryptoPro CSP”.

Windows operating systems use the CryptoPro CSPprogram, which is a set of cryptographic utilities for generating electronic signatures and working with certificates

To install CryptoPro CSP, use the materials from the official site:

After CryptoPro CSP is installed, the browser checks whether the program is available and functioning.

Sites requesting GOST TLS encryption

If a site requests the GOST TLS encryption, the browser checks whether CryptoPro CSP is installed. If it is, the control is handed over to it.

Some of the sites that request the encryption: www.gosuslugi.ru, сайты на домене .gov.ru, .kamgov.ru, .nalog.ru.

If the site is not in the list, additional confirmation is requested. If you trust the site and the connection must be made using the GOST TLS encryption, click Continue.

Note. Sites may require certificates to be installed. The instructions on how to install certificates are usually stored on the sites that request them.

Enable and disable CryptoPro CSP support by the browser

By default, the browser supports CSP CryptoPro. We recommend making sure it does:

  1. Click  → Settings.
  2. Go to System.
  3. Make sure that in the Network section, theConnect to sites that use State Standard (GOST) encryption. CryptoPro CSP required option is enabled.

To disable encryption support, follow the same steps.