DocuSign eSignature public certificates

Digital certificates provide higher levels of identity authentication and document transaction security. Digital certificates cryptography uses Public Key Infrastructure (PKI) technology to issue certificates based on X.509 standards to represent the digital identity of a signer. Standard-based signatures is the DocuSign platform for providing a full range of signature capabilities using digital certificates.

 

PKI documentation

 

Site Certificates

 

Intermediate and Root Certificate Authorities (CA)

 

SSO Certificates

 

Connect Certificates

The Connect certificates are used for Mutual TLS and for digitally signed, SOAP-formatted notification messages.

  • New Connect Certificates Availability & Schedule
  • The common names in scope in this new certificate update are:
    • DocuSign North American Services (NA1, NA2, NA3): connect.docusign.net
    • Intermediate Certificate: DigiCert Global CA G2 certificate
    • Root Certificate:  DigiCert Global Root G2 certificate
    • The renewed Connect certificates listed below are slated to be introduced into the DocuSign Service in the September 2019 - November 2019 timeframe. The ‘offer’ date specified below is the date the renewed certificate will be available for consumption and the ‘enforce’ date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.
    • NA1, NA2, and NA3 environments: DocuSign Connect x.509 (2.4 KB): The upcoming update offered on October 16, 2019 and planned for a November 13th, 2019 enforcement is postponed until further notice. Customers will be notified in advance once a new enforce date has been determined.
    • Intermediate certificate: expires on August 1, 2028
    • Root certificate: expires on January 1, 2038
  • Release Notes:
    • A new Intermediate and Root certificate is also issued as part of this update. Customers should install the new intermediate and root certificates (if their current implementation includes the installation of the intermediate and root certificate).
      • All new certificates are issued as chained to the SHA-2 DigiCert Global Root G2 and DigiCert Global CA G2 certificates.
    • Customers leveraging the older certificates after the ‘enforce’ dates listed above will experience connectivity failures if they do not move to using the renewed certificate.
  • Current Connect Certificates
  • The common name for each certificate is:
    • DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
    • DocuSign North American Services (NA1, NA2, NA3): connect.docusign.net
    • DocuSign European Services (EU): eu.connect.docusign.net
    • DocuSign Australian Services (AU): au.connect.docusign.net
    • DocuSign Canadian Services (CA): ca.connect.docusign.net
    • Intermediate Certificate: DigiCert SHA2 Secure Server CA
    • Root Certificate: DigiCert Global Root CA

Security Appliance Certificates

  • Renewed DocuSign Client certificate: current certificate for DocuSign Security Appliance client validation, expires on April 4, 2020
  • Root and Intermediate CA is the DigiCert Root and Intermediate CA listed under “Intermediate and Root Certificate Authorities (CA)” section.

 

Account Server Certificates

 

Signed By Certificates

  • Signed by certificate (2.6 KB): the current Signed by certificate, expires on March 28, 2020
  • Root and Intermediate CA is the DigiCert Root and Intermediate CA listed under “Intermediate and Root Certificate Authorities (CA)” section.

 

Entrust Certificates

 

DocuSign France