DocuSign public certificates
Digital certificates provide higher levels of identity authentication and document transaction security. Digital certificates cryptography uses Public Key Infrastructure (PKI) technology to issue certificates based on X.509 standards to represent the digital identity of a signer. Standard-based signatures is the DocuSign platform for providing a full range of signature capabilities using digital certificates.
PKI documentation
- Certificate Policy / Certification Practice Statement (CP/CPS v1.1) (788.2 KB)
- Relying Party Agreement (RPA v1.0) (118.6 KB)
- Subscriber Agreement (SA v1.0) (114.8 KB)
Site Certificates
- Demo SSL certificate (2.59 KB): The current demo SSL certificate, expires on February 22, 2021
- NA1 (www) SSL (2.6 KB): The current NA1 SSL certificate, expires on June 22, 2021
- NA2 SSL certificate (2.6 KB): The current NA2 SSL certificate, expires on June 22, 2021
- NA3 SSL certificate (1.9 KB): The current NA3 SSL certificate, expires on March 29, 2020
- EU SSL certificate (2.58 KB): The current EU SSL certificate, expires on February 26, 2021
Intermediate and Root Certificate Authorities (CA)
- DigiCert Intermediate CA (1.2 KB): Intermediate CA for Demo/NA1/NA2/NA3/EU SSL certificates
- DigiCert Root CA (969 bytes): Root CA for Demo/NA1/NA2/NA3/EU SSL certificates
- DocuSign root CA (939 bytes): Root CA certificate used for Express Digital Signatures
SSO Certificates
- DocuSign SSO certificate (2.38 KB): This certificate expires April 15, 2021.
- **Note: The Intermediate and Root certificates are as follows:
- Intermediate certificate: expires on March 8, 2023 (name: DigiCert SHA2 Secure Server CA)
- Root certificate: expires on November 10, 2031 (name: DigiCert Global Root CA)
Connect Certificates
The Connect certificates are used for Mutual TLS and for digitally signed, SOAP-formatted notification messages.
- New Connect Certificates Availability & Schedule
- The common names in scope in this new certificate update are:
- DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
- DocuSign North American Services (NA1, NA2, NA3): connect.docusign.net
- DocuSign European Services (EU): eu.connect.docusign.net
- DocuSign Australian Services (AU): au.connect.docusign.net
- DocuSign Canadian Services (CA): ca.connect.docusign.net
- Intermediate Certificate: DigiCert Global CA G2 certificate
- Root Certificate: DigiCert Global Root G2 certificate
-
- The renewed Connect certificates listed below are slated to be introduced into the DocuSign Service in the September 2019 - November 2019 timeframe. The ‘offer’ date specified below is the date the renewed certificate will be available for consumption and the ‘enforce’ date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.
- DEMO and stage environments: DocuSign Connect x.509 (2.4 KB): offered on September 11, 2019. This new certificate will be enforced as the sole connect certificate on October 9, 2019.
- AU environment: DocuSign Connect x.509 (2.4 KB): will be offered on September 25, 2019. This new certificate will be enforced as the sole connect certification on October 23, 2019.
- CA environment: DocuSign Connect x.509 (2.4 KB): will be offered on October 2, 2019 . This new certificate will be enforced as the sole connect certification October 30, 2019.
- EU environments: DocuSign Connect x.509 (2.4 KB): will be offered on October 9th, 2019. This new certificate will be enforced as the sole connect certificate on November 6, 2019.
- NA1, NA2, and NA3 environments: DocuSign Connect x.509 (2.4 KB): will be offered on October 16, 2019. This new certificate will be enforced as the sole connect certification November on 13, 2019.
- Intermediate certificate: expires on August 1, 2028
- Root certificate: expires on January 1, 2038
- Release Notes:
- A new Intermediate and Root certificate is also issued as part of this update. Customers should install the new intermediate and root certificates (if their current implementation includes the installation of the intermediate and root certificate).
- All new certificates are issued as chained to the SHA-2 DigiCert Global Root G2 and DigiCert Global CA G2 certificates.
- Customers leveraging the older certificates after the ‘enforce’ dates listed above will experience connectivity failures if they do not move to using the renewed certificate.
- A new Intermediate and Root certificate is also issued as part of this update. Customers should install the new intermediate and root certificates (if their current implementation includes the installation of the intermediate and root certificate).
- Current Connect Certificates
- The common name for each certificate is:
- DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
- DocuSign North American Services (NA1, NA2, NA3): connect.docusign.net
- DocuSign European Services (EU): eu.connect.docusign.net
- DocuSign Australian Services (AU): au.connect.docusign.net
- DocuSign Canadian Services (CA): ca.connect.docusign.net
- Intermediate Certificate: DigiCert SHA2 Secure Server CA
- Root Certificate: DigiCert Global Root CA
- Current Certificates
- DEMO and stage environments: DocuSign Connect x.509 (2.4 KB): current as of May 2, 2018, expires on February 9, 2020 (name: demo.connect.docusign.net)
- EU environments: DocuSign Connect x.509 (2.6 KB): current as of May 16, 2018, expires on February 9, 2021 (name: eu.connect.docusign.net)
- NA1, NA2, and NA3 environments: DocuSign Connect x.509 (2.5 KB): current as of May 25, 2018, expires on February 9, 2021 (name: connect.docusign.net)
- AU environment: DocuSign Connect x.509 (1.7 KB): current as of April 9, 2018, expires on October 31, 2019 (name: au.connect.docusign.net)
- CA environment: DocuSign Connect x.509 (1.7 KB): current as of May 1, 2018, expires on Feb 28, 2020 (name: ca.connect.docusign.net)
- Intermediate certificate: expires on March 8, 2023
- Root certificate: expires on November 10, 2031
Security Appliance Certificates
- Renewed DocuSign Client certificate: current certificate for DocuSign Security Appliance client validation, expires on April 4, 2020
- Root and Intermediate CA is the DigiCert Root and Intermediate CA listed under “Intermediate and Root Certificate Authorities (CA)” section.
Account Server Certificates
- Account-d.docusign.com (2.6 KB): the current demo account server SSL certificate, expires on March 26, 2020
- Account.docusign.com (2.6 KB): the current account server SSL certificate, expires on March 26, 2020
- na.account.docusign.com (1.85 KB): the current NA account server SSL certificate, expires on March 28, 2021
- eu.account.docusign.com (1.85 KB): the current EU account server SSL certificate, expires on March 6, 2021
- ca.account.docusign.com (1.85 KB): the current CA account server SSL certificate, expires on March 6, 2021
- au.account.docusign.com (1.85 KB): the current AU account server SSL certificate, expires on March 6, 2021
- Root and Intermediate CA is the DigiCert Root and Intermediate CA listed under “Intermediate and Root Certificate Authorities (CA)” section.
Signed By Certificates
- Signed by certificate (2.6 KB): the current Signed by certificate, expires on March 28, 2020
- Root and Intermediate CA is the DigiCert Root and Intermediate CA listed under “Intermediate and Root Certificate Authorities (CA)” section.
Entrust Certificates
- Entrust certificate (2.0 KB): for signature verification, expires on December 20, 2020
- Entrust intermediate certificate (1.9 KB)
- Entrust root certificate (1.5 KB)
DocuSign France