How To Use DSC

  • The registered e-mail ID in your e-Filing profile is not the same as in your Digital Signature Certificate. In case it is not the same, you can:
  • GO TO ‘Profile Settings’ –> ‘Update contact details’ and change the e-mail ID or,
  • Get a new Digital Signature certificate from your Certificate Provider which contains the same e-mail ID as mentioned in your profile.

This could be due to the below reasons:

  • Digital Signature Certificate is revoked.
  • Digital Signature Certificate is not Class 2 or above. Only Class 2 or above Digital Certificates can be registered on e-Filing website.
  • Digital Signature Certificate is not created in SHA-1 (Hash algorithm and 1024 bit RSA) or SHA-2 (Hash algorithm and 2048 bit RSA).
  • In this case, you should contact the Certificate Provider and get your Digital Signature Certificate checked.
The validity period of the Digital Signature Certificate has ended. Attain a new Digital Signature Certificate from the Certified Service Providers and then register.

The validity period of the Digital Signature Certiifcate has not yet started. A Digital Certificate cannot be registered if the validity period is yet to begin. You can:

  • Register the same Digital Signature Certificate post the ‘Start date’ of the Digital Signature Certificate.
  • Contact your Certificate Provider and attain a Certificate with a ‘Start Date’ same or less than the date of registering the DSC with e-Filing website.

A Digital Signature Certificate (DSC) cannot be registered by multiple users. This error appears due to the below reasons:

  • The DSC you are registering belongs to someone else. Make sure that the DSC you are registering belongs to you and has your PAN and e-mail ID encrypted.
  • The only exception to this rule is that an authorized signatory (principal contact) for an organization should register his/her own DSC to e-File for the organization. The same DSC can be used for personal e-Filing too.

The DSC uploaded is not a valid DSC. Please select a valid DSC and upload it.

  • Still facing issue with the valid DSC/Invalid DSC :
  • Solution:Contact Helpdesk with the following details. Helpdesk will raise a ticket and will revert with the solution.
  • PAN
  • Full Name of the Individual/Name of the Company OR BoI OR Local Authority OR Firm OR Trust OR . AOP OR AJP
  • DoB/DoI

Reason:

  • System may be recognizing both drivers, for ePass2003 & ePass2003Auto, as different driver.

Resolution:

  • Control Panel > System > Device Manager. In the console tree find the epass2003Auto, right click on it and select uninstall.
  • Remove the token and reconnect it, system automatically recognizes the driver and the drivers will be installed successfully in the system.

Reason:

  • This Notification comes when Root Chain is not installed in system or the browser settings are not proper.

Resolution:

  • Install Root Chain in system.
  • Make browser settings as per website guideline.
  • Check Java version recommended by website.
  • All new ePass drivers comes with built-in Root Chain, uninstall the older version of driver and install latest drivers, this will automatically install Root Chain of all CAs and SubCAs.

Reason:

  • System settings do not allow downloading of the required java applet.

Resolution:

  • Open Control Panel > Java > Security Tab. Set security level to medium and then click on Edit Site list button. Click on Add Button and add Trusted Site or site URL where you are performing task.
Reason:
  • Internet Explorer settings are not proper.
  • Internet Explorer version is below 7.
Resolution:
  • Internet Explorer version must be above 7.
  • Open Tools Menu -> Internet option -> Click on Security Tab -> Here first set all security to default zone. Now click on Internet Icon then click on Custom button.
  • Now ‘Reset custom settings’ to medium.
  • Enable all ActiveX controls and plug-ins. If the ActiveX enable setting is (not secured) then select prompt but not disable.
  • In the User Authentication Logon Section select Automatic logon with current user name and password.
  • Click on OK and Apply Settings.
  • Now click on Second Icon Local intranet > Reset this Zone to Low, apply it.

Reason:

  • Name mentioned in the Digital Signature does not match with the account details.

Resolution:

  • Update Profile settings with the details of the person whose digital signature certificate is being used for filling return. Check the Name in Verification Part in XML file or in Pre-paired return.

Reason :

  • Registered certificate does not match with the certificate used for login.

Resolution:

  • After renewal of the certificate you need to update it on the respective portal where you are using the certificate for login or for e-tender.
  • Each tender site has different process for registration, please get in touch with respective site Helpdesk.

Reason :

  • System Cryptographic Services are not working properly or respective security patch is not installed in System.

Resolution :

  • If you are countering error “The Microsoft Cryptographic Service Provider reported an error:” in Adobe Acrobat Reader while signing MCA Documents. >>This error may face in Adobe Acrobat Reader Version 9.0 and above, this is error of Adobe Acrobat and not of USB Token, may face this error in any USB Token. >>Here is the link for the solution of the same: http://www.charteredinfo.com//DSC/TokenDrivers/AdobeReaderwithSecurityInstallation.zip >>Above link is for complete Adobe Acrobat Reader Download with Security Installation prompting to solve above error, details document included in above link, read instructions document carefully before installation.

Reason :

  • Mozilla Firefox 3.0 version does not allow applet to access the host file system. It prevents application tools to perform certain operation. In such, case there will be alert messages like “System error: Undefined”.

Suggestions :

  • Open Firefox Browser
  • In Address Bar type about:config
  • Then in search text area enter applet
  • Double click on the given result
  • It enables the applet to run in the browser.

Steps are as follows:

  • Plug In token in USB Port.
  • Run Step 1 – you will get message “Initialize Successfully”. (Do not run Step 1 in case there is Certificate in token, Certificate in token will get erased – no issues in case of blank token.)
  • Run Step 2 – and on successful up-gradation of token you will get message Upgraded Successfully.
  • Plug out and Plug in token. Windows/Drivers will detect the token.

Reason :

  • Mozilla Firefox 3.0 version does not allow applet to access the host file system. It prevents application tools to perform certain operation. In such, case there will be alert messages like “System error: Undefined”.

Suggestions :

  • Open Firefox Browser
  • In Address Bar type about:config
  • Then in search text area enter applet
  • Double click on the given result
  • It enables the applet to run in the browser.
Reason:
  • Verification code (CAPTCHA) is an .png image file. That are streamed from the server. The lower version browser (IE < 7.0) does not support .png image.
  • Windows OS is not updated with latest service pack.
Resolution :
  • Upgrade Internet Explorer (IE) version to latest version (IE 7.0) or above
  • Update Windows latest service pack.
  • Using Mozilla Firefox can be also one option.
Reason:
  • If chosen file has special characters like (& # @ ).
Resolution:
  • Remove the special characters from the File Name and try uploading it.
Reason:
  • Server is not updated with the Particular Citifying Authority Root Certificates.
Resolution:
  • Update the CA certificate to the server repository (JKS in the java base dir).
  • Get in touch with Helpdesk team of Respective Website or Application.
Reason:
  • Required Prerequisites NxtCryptoSetup is not available or incorrect setup installed.
Resolution:
  • Download NxtCryptoSetup – For ePass2003 and ePass2003Auto
Resolution:
  • Un-installation of Internet Explorer 11 required when some web site not compatible with this version and we need to working in previous version. First try with Development Tool if it’s not working then uninstall IE 11. Development Tools available in Internet Explorer Tool Menu. Here you found different Browser Mode. This process only works in Windows 7 not for windows 8, because Windows 8 come IE 11.
  • Control Panel – Program and Features – Installed update – enter IE 11 in search box.
  • Right Click on entry and select uninstall.
  • After restart machine Go to Tools Menu > Internet Option > Advance Tab > and select Reset Button > Check the Delete Personal Settings and select Reset button.
  • CCA Certificates (Trusted Root Certification Authorities) CA and Sub CA Certificates (Intermediate Certification Authorities)
  • Please install the CA & sub-CA certificate by following the below mentioned path.
  • Right click on Intermediate CA and Sub CA.p7b > Select install certificate > click on next in the import wizard > Select place all certificate in the following store > click on browse > check the check box Show physical store > select Intermediate Certification Authorities > click on OK > click on next and finish.
  • Please Install CCA certificate by following the below mentioned path.
  • Right Click on CCA.p7b > Select install certificate > click on next in the import wizard > Select place all certificate in the following store > click on browse > check the check box Show physical store > select Registry under Trusted Root Certification Authorities > click on OK > click on next and finish.
  • Go Into Internet Explorer.
  • Tools/ Internet Options/ Content / Certificates.
  • Click On Intermediate Certification Authorities Tab.
  • Select & remove All CCA India & Safescrypt CA.
  • Click On Remove. Click On Yes & Close.
  • Install the Chain which you have received from Mail
  • Double Click On Every Chain.
  • Click On Open.
  • Click On Install Certificate.
  • Click On next.
  • Click On Circle (Place all Certificates in the following Store) & Select Form Browse Option.
  • Click On Ok & Click On Next.
  • Click On Finish Tab. Then The one Tab will display yes or no Click On Yes tab.
  • Then window will Display The Import was successful.

Kindly follow the same steps to Install the other two chains also.

Reason:
  • Can not read the keystore from the usb token Possible Reasons: -The usb Token. reader not connected -The usb Token is not inserted – The PIN of the smart card is incorrect. Problem Details: Could not find the certificate with which you have registerd.
Resolution:
  • remove all roots from personal and intermediate, reinstall.
  • remove token drivers and re-install.
  • Service Pack 3 is reqd.

Solution

  • Go to Administrator Mode Adobe PDF Version 10.01.11
  • Go to Edit -> Preferences -> Security -> Advances preferences.
  • Uncheck -> require that certificate revocation checking be done whenever……..
  • Click on Windows Integration on TOP and check all 3 boxes.
  • Click on ok and close it.

Reason :

  • While using e-token for signing PDF files in MCA/ROC, the following error is sometimes (Adobe Reader version 11 and above) reported.
  • Error encountered while signing.
  • The Windows Cryptographic Service Provider reported an error.
  • An internal error occurred.
  • Error Code: 2148073504.

Solution :

  • Uninstall the ePass2003 driver. A system reboot might be required. Re-install the driver.
  • Select Windows CSP when it prompts for ‘Choose a CSP’.
  • If prompted by Windows Security whether to install this device software, Click on Install as shown below.
  • Complete the installation. Now you can sign PDF as usual using Adobe Reader in MCA website.

Solution:

  • First off, if you see a green check mark, the signature is valid.
  • The behaviour you are experiencing is due to the configuration (or misconfiguration) of the “Trusted Identities” in Reader. For a signature to show a green check mark, the signer must be valid, and the signer must be trusted.
  • For Acrobat or Reader to “trust” a signers certificate you need to configure a “trusted identity” by importing the signers public key.
  • Right click on the signed signature field Select “Validate Signature” Click “Signature Properties” button Select the “signer” tab (see screen shot) Click “Show Certificate” button Select the “Trust” tab Click the “Add to Trusted Identities” button Set the desired “trust” settings Click OK.
  • Right click on the signed signature field Select “Validate Signature” – you should now get the green check mark.

Trusted identities in Acrobat\Reader are tied to the Windows account profile, this explains why when logged onto the system as user1, the signature shows a green check mark (the trusted identity is configured), and when logged onto the system as user2, the signature shows a a different status, because the signers certificate has not been trusted under this profile. If you were to look at the details about the signature (in the signatures pane) you will see that is will say the signature is trusted, but the signer is unknown (not trusted).