DocuSign eSignature public certificates

Digital certificates provide higher levels of identity authentication and document transaction security. Digital certificates cryptography uses Public Key Infrastructure (PKI) technology to issue certificates based on X.509 standards to represent the digital identity of a signer. Standard-based signatures is the DocuSign platform for providing a full range of signature capabilities using digital certificates.

To view the technical details of each certificate including but not limited to: Issue date, Expiry date, CN, Issuer, Thumbprint, Signature Algorithm, chaining and other technical metadata, please download and view the respective files below.

DocuSign Express Service

New Service Offerings

The new DocuSign Express email service will be available to customers and “Offered” as of January 10th 2022. The new Express email service certificates will be available in the service for consumption alongside the existing DocuSign Express email service until the “Force” date of March 9th 2022. After the Force date the new certificate will be the only option.  i.e. the current certificate will no longer be available for consumption. The new service documentation and certificate is available below.

New Express Policies

• Certificate Policy/Certification Practice Statement (CP/CPS) (840 KB)
• Express email service Terms and Conditions

New DocuSign Express email service certificate

• DocuSign Root CA (2KB): Root CA for New DocuSign Express Service

Current DocuSign Express Mail Service

PKI documentation

DocuSign Express Certificate Authority

• Certificate Policy / Certification Practice Statement (CP/CPS v1.1) (788.2 KB)
• Relying Party Agreement (RPA v1.0) (118.6 KB)
• Subscriber Agreement (SA v1.0) (114.8 KB)

DocuSign External Certificate Authority

• DocuSign External Certificate Policy (CP v1.0) (2MB)

DocuSign TSCP Certificate Authority

• DocuSign TSCP Certificate Policy (CP v2.6) (1MB)

Root CA For DocuSign Express Mail Service

• DocuSign root CA (939 bytes): Root CA certificate used for Express Digital Signatures

Connect Certificates

The Connect certificates are used for Mutual TLS and for digitally signed, SOAP-formatted notification messages.

New Connect Certificates Availability & Schedule.

The common names in scope in this new certificate update are:

• DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
• DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
• DocuSign European Services (EU): eu.connect.docusign.net
• DocuSign Australian Services (AU): au.connect.docusign.net
• DocuSign Canadian Services (CA): ca.connect.docusign.net

The renewed DocuSign Connect x.509 certificates listed below are slated to be introduced into the DocuSign Service in the January 2022 – April 2022 timeframe.

The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and consumption in the DocuSign Connect service alongside the current certificate and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

• NA1, NA2, NA3 and NA4 environments: DocuSign Connect x.509 (3KB): expires on March 27, 2023.This new certificate will be enforced as the sole connect certificate on April 13th 2022.

Notes:

*New certificates will have a maximum protection lifetime of 397 days. Customers should adjust their change schedules to manage updates to this new period.

**Customers leveraging the older certificates after the enforce dates listed above will experience connectivity failures if they do not update their infrastructure updates to use the renewed certificates prior to the 2022 Force dates above.

Current Connect Certificates

The common name for each certificate is:

• DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
• DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
• DocuSign European Services (EU): eu.connect.docusign.net
• DocuSign Australian Services (AU): au.connect.docusign.net
• DocuSign Canadian Services (CA): ca.connect.docusign.net
• Intermediate Certificate: SHA2 Secure Server CA
• Root Certificate: DigiCert Global Root G2 CA

Current Certificates

• DEMO environment: DocuSign Connect x.509 (3KB): current as of February 7, 2022, expires on January 15, 2023.(name: demo.connect.docusign.net)
• NA1, NA2, NA3 and NA4 environments: DocuSign Connect x.509 (3KB):current as of April 19, 2021 , expires April 25, 2022.(name: connect.docusign.net)
• EU environments: DocuSign Connect x.509 (3KB): expires February 27, 2023.(name: eu.connect.docusign.net)
• AU environment: DocuSign Connect x.509 (3KB): expires on February 27, 2023. (name: au.connect.docusign.net)
• CA environment: DocuSign Connect x.509 (3KB): expires February 27, 2023 (name: ca.connect.docusign.net)
• Intermediate certificate: expires on September 23, 2030
• Root certificate: expires on January 15, 2038

Security Appliance Certificates

The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

DocuSign Client certificate: expires on March 4, 2023. This new certificate is for both Demo and Production. This new certificate will be enforced as the sole certificate on March 31, 2022.

*** Testing the new certificate can start in the client's Demo environment after the offer date.

*** Testing the new certificate can start in the client's Prod environment after March 7, 2022.

Current Security Appliance Certificate

• DocuSign France Certification Authorities
• Current DocuSign Client certificate: the current certificate for DocuSign Security Appliance client validation, expires on April 4, 2022

The required Root and Intermediate CA certificates are:

• Intermediate certificate: expires on July 2, 2030
• Root certificate: expires on January 15, 2038
• DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.

Signed By Certificates

The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

Current Signed by Certificate

• Signed by certificate (2.5 KB): the current Signed by certificate, expires on March 4, 2023

The required Root and Intermediate CA certificates are:

Intermediate certificate: expires on July 2, 2030
Root certificate: expires on January 15, 2038
DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section

Entrust Certificates

The current Certificates in Production are as follows:

• Entrust certificate (3.0 KB): for signature verification, expires on December 20, 2022
• Entrust intermediate certificate (1.9 KB)
• Entrust root certificate (1.5 KB)

DocuSign ECA Certificates

• DocuSign ECA Root certificate (2.0 KB): for signature verification, expires on November 26, 2029
• DocuSign ECA Issuing certificate (2.0 KB)

DocuSign TSCP Certificates

• DocuSign TSCP Root CA Certificate (2KB)

DocuSign France

• DocuSign France Certification Authorities

 

SSO Certificate

SSO Service Provider certificate is optional for customers. Customers can choose to use it to sign AuthN requests and/or for saml response encryption. Download the 2022 DocuSign SSO Self-Signed Certificate at https://www.docusign.com/file/105805, and learn more about this update at DocuSign SSO Cert Renewal - Action Required.  

 

Network Traffic Certificates

Site Certificates

The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

NA1 (www) SSL Certificate (3 KB): expires June 18, 2023. This new certificate will be enforced as the sole certificate on June 22, 2022.
NA2 SSL Certificate (3 KB): expires June 18, 2023. This new certificate will be enforced as the sole certificate on June 22, 2022.

​Current Site Certificates

• Demo SSL certificate (2.59 KB): The current demo SSL certificate, expires on ‎February ‎19, ‎2023
• NA1 (www) SSL Certificate (3 KB): The current NA1 SSL certificate, expires on June 24, 2022
• NA2 SSL Certificate (3 KB): The current NA2 SSL certificate, expires on June 24, 2022
• NA3 SSL Certificate (2.61 KB): The current NA3 SSL certificate, expires on March 29, 2023
• NA4 SSL Certificate (3 KB): The current NA4 SSL certificate, expires on December 3, 2022
• EU SSL certificate (2.58 KB): The current EU SSL certificate, expires on February 19, 2023
• AU SSL certificate (3 KB): The current AU SSL certificate, expires on November 5th, 2022
• CA SSL certificate (2.58 KB): The current CA SSL certificate, expires on February 26, 2023

Intermediate and Root Certificate Authorities (CA)for Site Certificates

Current Certificates

• DigiCert Intermediate CA (1.2 KB): Intermediate CA for Demo/NA1/NA2/NA3/EU/AU/CA SSL certificates
• DigiCert Root CA (969 bytes): Root CA for Demo/NA1/NA2/NA3/EU/AU/CA SSL certificates

Account Server Certificates

The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

New Account Server Certificates

• eu.account.docusign.com (3KB): expires June 3, 2023. This new certificate will be enforced as the sole certificate on June 1, 2022.
• ca.account.docusign.com (3KB): expires June 3, 2023. This new certificate will be enforced as the sole certificate on June 1, 2022.
• au.account.docusign.com (3KB): expires June 3, 2023. This new certificate will be enforced as the sole certificate on June 1, 2022.
• na.account.docusign.com (3KB): expires June 18, 2023. This new certificate will be enforced as the sole certificate on June 22, 2022.

Current Account Server Certificates

• na.account.docusign.com (3KB): the current certificate expires June 24, 2022.
• eu.account.docusign.com (3KB): the current certificate expires June 3, 2022.
• ca.account.docusign.com (3KB): the current certificate expires June 3, 2022.
• au.account.docusign.com (3KB): the current certificate expires June 3, 2022​.
• account-d.docusign.com (2.6 KB): the current demo account certificate, expires on March 6, 2023.
• account.docusign.com (2.6 KB): the current account server SSL certificate, expires on March 29, 2023.

DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.

Note: a DigiCert High Assurance EV Root CA certificate and new DigiCert SHA2 Extended Validation Server CA intermediate certificate will be required for the current certificates above as well.

• Intermediate Certificate: expires October 22, 2028
• Root Certificate: expires November 9, 2031