DocuSign eSignature public certificates

Digital certificates provide higher levels of identity authentication and document transaction security. Digital certificates cryptography uses Public Key Infrastructure (PKI) technology to issue certificates based on X.509 standards to represent the digital identity of a signer. Standard-based signatures is the DocuSign platform for providing a full range of signature capabilities using digital certificates.

To view the technical details of each certificate including but not limited to: Issue date, Expiry date, CN, Issuer, Thumbprint, Signature Algorithm, chaining and other technical metadata, please download and view the respective files below.  

 

PKI documentation

• DocuSign Express Certificate Authority

• Certificate Policy / Certification Practice Statement (CP/CPS v1.1) (788.2 KB)
• Relying Party Agreement (RPA v1.0) (118.6 KB)
• Subscriber Agreement (SA v1.0) (114.8 KB)

• DocuSign External Certificate Authority

• DocuSign External Certificate Policy (CP v1.0) (2MB)

• DocuSign TSCP Certificate Authority

• DocuSign TSCP Certificate Policy (CP v2.6) (1MB)

 

Site Certificates

     New Site Certificate Availability Schedule: 

• The current AU SSL certificate is expiring October 30 2021. The new AU Site SSL certificate and will be released on the following schedule: 
  • New AU SSL certificate (3 KB): The new AU SSL certificate expires November 5th 2022 
  • The new AU certificate will be enforced on Wednesday October 27 2021 3PM. After this time the new certificate will be the sole certificate for the AU Site SSL endpoints. 

 

• The current NA4 SSL certificate is expiring December 2 2021. The new NA4 Site SSL certificate and will be released on the following schedule: 
  • The new NA4 certificate will be available for download for customers on this site on Wednesday November 3 2021. 
  • The new NA4 certificate will be enforced on Wednesday November 17 2021 3PM. After this time the new certificate will be the sole certificate for the NA4 Site SSL endpoints.
•  
•  
• Current Site Certificates
• Demo SSL certificate (2.59 KB): The current demo SSL certificate, expires on ‎February ‎20, ‎2022
• NA1 (www) SSL Certificate (3 KB): The current NA1 SSL certificate, expires on June 24, 2022
• NA2 SSL Certificate (3 KB): The current NA2 SSL certificate, expires on June 24, 2022
• NA3 SSL Certificate (2.61 KB): The current NA3 SSL certificate, expires on March 29, 2022
• NA4 SSL Certificate (2.59 KB): The current NA4 SSL certificate, expires on December 2, 2021
• EU SSL certificate (2.58 KB): The current EU SSL certificate, expires on February 20, 2022
• AU SSL certificate (2.58 KB): The current AU SSL certificate, expires on October 30, 2021
• CA SSL certificate (2.58 KB): The current CA SSL certificate, expires on February 27, 2022

 

Intermediate and Root Certificate Authorities (CA) for Site Certificates 

Current Certificates

• DigiCert Intermediate CA (1.2 KB): Intermediate CA for Demo/NA1/NA2/NA3/EU/AU/CA SSL certificates

• DigiCert Root CA (969 bytes): Root CA for Demo/NA1/NA2/NA3/EU/AU/CA SSL certificates

• DocuSign root CA (939 bytes): Root CA certificate used for Express Digital Signatures

 

SSO Certificates

Current 

• DocuSign SSO Certificate (2 KB): This certificate expires April 4, 2022.

**Note: The Intermediate and Root certificates related to the new SSO certificate are as follows:

• Intermediate certificate: expires on September 23, 2030 (name: DigiCert Global G2 TLS RSA SHA256 2020 CA1)
• Root certificate: expires on Jan 15, 2038 (name: DigiCert Global Root G2 )

 

Connect Certificates

The Connect certificates are used for Mutual TLS and for digitally signed, SOAP-formatted notification messages.

 

• Current Connect Certificates
• The common name for each certificate is:
  • DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
  • DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
  • DocuSign European Services (EU): eu.connect.docusign.net
  • DocuSign Australian Services (AU): au.connect.docusign.net
  • DocuSign Canadian Services (CA): ca.connect.docusign.net
  • Intermediate Certificate: SHA2 Secure Server CA
  • Root Certificate: DigiCert Global Root G2 CA

•  
• Current Certificates
  • DEMO and stage environments: DocuSign Connect x.509 (3KB): current as of March 7 2021, expires on March 16, 2022. (name: demo.connect.docusign.net)
  • NA1, NA2, NA3 and NA4 environments: DocuSign Connect x.509 (3KB):current as of April 19, 2021 , expires April 25, 2022. (name: connect.docusign.net)
  • EU environments: DocuSign Connect x.509 (3KB): current as of March 22 2021, expires March 28 2022. (name: eu.connect.docusign.net)
  • AU environment: DocuSign Connect x.509 (3KB): current as of March 22 2021, expires March 28 2022. (name: au.connect.docusign.net)
  • CA environment: DocuSign Connect x.509 (3KB): current as of March 22 2021, expires March 28 2022 (name: ca.connect.docusign.net)

  • Intermediate certificate: expires on September 23, 2030 

  • Root certificate: expires on January 15, 2038 

 

Security Appliance Certificates​

• Current Security Appliance Certificate
• Current DocuSign Client certificate: the current certificate for DocuSign Security Appliance client validation, expires on April 4, 2022
•  
• The required Root and Intermediate CA certificates are:
• Intermediate certificate: expires on July 2, 2030
• Root certificate: expires on January 15, 2038
• DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.
•  

Account Server Certificates

   

• Current Account Server Certificates

na.account.docusign.com (3KB): he new NA account server SSL certificate, expires June 24, 2022

eu.account.docusign.com (3KB): the new EU account server SSL certificate, expires June 3 2022

ca.account.docusign.com (3KB): the new CA account server SSL certificate, expires June 3 2022

au.account.docusign.com (3KB): the new AU account server SSL certificate, expires June 3 2022​

account-d.docusign.com (2.6 KB): the current demo account server SSL certificate, expires on March 3, 2022

account.docusign.com (2.6 KB): the current account server SSL certificate, expires on March 26, 2022

• DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.

Note: a DigiCert High Assurance EV Root CA certificate and new DigiCert SHA2 Extended Validation Server CA intermediate certificate will be required for the current certificates above as well. 

Intermediate Certificate: expires October 22, 2028 
Root Certificate: expires November 9, 2031 

   

Signed By Certificates

Current Signed by Certificate

• Signed by certificate (2.5 KB): the current Signed by certificate, expires on March 28, 2022
•  
• The required Root and Intermediate CA certificates are:

• Intermediate certificate: expires on July 2, 2030

• Root certificate: expires on January 15, 2038
• DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section

 

Entrust Certificates

The current Certificates in Production are as follows: 

• Entrust certificate (3.0 KB): for signature verification, expires on December 20, 2022
• Entrust intermediate certificate (1.9 KB)
• Entrust root certificate (1.5 KB)

 

DocuSign ECA Certificates

• DocuSign ECA Root certificate (2.0 KB): for signature verification, expires on November 26, 2029
• DocuSign ECA Issuing certificate (2.0 KB)

 

DocuSign TSCP Certificates

• DocuSign TSCP Root CA Certificate (2KB)

 

DocuSign France

• DocuSign France Certification Authorities