DocuSign removed TLS v1.0 from its approved security protocols on June 25th, 2018. This is in accordance with the Payment Card Industry Data Security Standard (PCI DSS) requirement to disable early versions of TLS and implement a more secure encryption protocol using TLS v1.1 or higher.  For additional details see  https://support.docusign.com/en/articles/End-of-TLS-1-0-and-weak-cipher-support.

Developer Options by Language

Developers who use the DocuSign API in their integrations can ensure their applications use TLS 1.1 or TLS 1.2 using the steps below. These differ depending on the language or library used.

.NET applications:

  • Build your application with .Net 4.6.1 or higher. Microsoft strongly recommends .Net 4.7.1. See: https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls
  • Use version 2.1.10, or higher, of the DocuSign.eSign C# client library available on NuGet and here: https://github.com/docusign/docusign-csharp-client
  • The protocol version can be specified for your application using the ServicePointManager class. The SecurityProtocol property allows you to specify the TLS version directly. Use the below line of C# code before you instantiate the DocuSign API Client in your REST or SOAP integration
     System.Net.ServicePointManager.SecurityProtocol =  SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;

Java applications:

PHP applications:

Node Applications:

Applications relying on OpenSSL (Perl, Python etc):

  • OpenSSL v1.01 or newer supports TLS 1.1 and TLS 1.2.

Objective-C Applications:

Thanks to Drew Martin, DocuSign Developer Support Engineer, for technical input, review and edits.

Tags