DocuSign eSignature public certificates

Digital certificates provide higher levels of identity authentication and document transaction security. Digital certificates cryptography uses Public Key Infrastructure (PKI) technology to issue certificates based on X.509 standards to represent the digital identity of a signer. Standard-based signatures is the DocuSign platform for providing a full range of signature capabilities using digital certificates.

 

PKI documentation

  • DocuSign Express Certificate Authority
  • DocuSign External Certificate Authority
  • DocuSign TSCP Certificate Authority

 

Site Certificates

 

Intermediate and Root Certificate Authorities (CA) for Site Certificates 

Current Certificates

 

SSO Certificates

New 

The renewed DocuSign SSO certificate is slated to be introduced into the DocuSign SSO Service in the March 2021 – April2021 timeframe.

  • DEMO environment: will be offered on March 17th 2021. This new certificate will be enforced as the sole connect certificate on March 31st 2021.
  • PROD environment: will be offered on March 17th 2021. This new certificate will be enforced as the sole connect certificate on April 7th 2021.

Current 

 

Connect Certificates

The Connect certificates are used for Mutual TLS and for digitally signed, SOAP-formatted notification messages.

New Connect Certificates Availability & Schedule.

The common names in scope in this new certificate update are:

  • DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
  • DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
  • DocuSign European Services (EU): eu.connect.docusign.net
  • DocuSign Australian Services (AU): au.connect.docusign.net
  • DocuSign Canadian Services (CA): ca.connect.docusign.net

 

The renewed DocuSign Connect x.509 certificates listed below are slated to be introduced into the DocuSign Service in the March 2021 – June 2021 timeframe.

The “Offer” dates specified below is the date the renewed certificate will be published on this page and available for download and available for consumption and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption

  • DEMO environment: will be offered on March 24th 2021. This new certificate will be enforced as the sole connect certificate on April 21 2021.
  • NA1, NA2, NA3 and NA4 environments: will be offered on May 5th 2021. This new certificate will be enforced as the sole connect certification June 2 2021.
  • EU environment: will be offered on April 21 2021. This new certificate will be enforced as the sole connect certificate on May 19 2021.
  • AU environment: will be offered on April 7 2021. This new certificate will be enforced as the sole connect certification May 5 2021.
  • CA environment: will be offered on April 14 2021. This new certificate will be enforced as the sole connect certification May 12 2021.

Notes:

*New certificates will have a maximum protection lifetime of 397 days vs. 2 years in the past. Customers should adjust their change schedules to manage updates to this new period.  
**Customers leveraging the older certificates after the enforce dates listed above will experience connectivity failures if they do not infrastructure move to using the renewed certificate.

 

  • Current Connect Certificates
  • The common name for each certificate is:
    • DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
    • DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
    • DocuSign European Services (EU): eu.connect.docusign.net
    • DocuSign Australian Services (AU): au.connect.docusign.net
    • DocuSign Canadian Services (CA): ca.connect.docusign.net
    • Intermediate Certificate: SHA2 Secure Server CA
    • Root Certificate: DigiCert Global Root G2 CA

 

Security Appliance Certificates​

  • Current Security Appliance Certificate
  • Current DocuSign Client certificate: the current certificate for DocuSign Security Appliance client validation, expires on April 4, 2022
  •  
  • The required Root and Intermediate CA certificates are:
  • Intermediate certificate: expires on July 2, 2030
  • Root certificate: expires on January 15, 2038
  • DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.
  •  

Account Server Certificates

 

New Account Server Certificates

.

  • Current Account Server Certificates

na.account.docusign.com (3KB): the new NA account server SSL certificate, expires June 29 2021

eu.account.docusign.com (3KB): the new EU account server SSL certificate, expires June 7 2021

ca.account.docusign.com (3KB): the new CA account server SSL certificate, expires June 7 2021

au.account.docusign.com (3KB): the new AU account server SSL certificate, expires June 7 2021​

account-d.docusign.com (2.6 KB): the current demo account server SSL certificate, expires on March 3, 2022

account.docusign.com (2.6 KB): the current account server SSL certificate, expires on March 26, 2022

  • DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.

 

Signed By Certificates

Current Signed by Certificate

  • Signed by certificate (2.5 KB): the current Signed by certificate, expires on March 28, 2022
  •  
  • The required Root and Intermediate CA certificates are:

  • Intermediate certificate: expires on July 2, 2030

  • Root certificate: expires on January 15, 2038
  • DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section

 

Entrust Certificates

The current Certificates in Production are as follows: 

 

DocuSign ECA Certificates

 

DocuSign TSCP Certificates

 

DocuSign France