DocuSign eSignature public certificates

Digital certificates provide higher levels of identity authentication and document transaction security. Digital certificates cryptography uses Public Key Infrastructure (PKI) technology to issue certificates based on X.509 standards to represent the digital identity of a signer. Standard-based signatures is the DocuSign platform for providing a full range of signature capabilities using digital certificates.

To view the technical details of each certificate including but not limited to: Issue date, Expiry date, CN, Issuer, Thumbprint, Signature Algorithm, chaining and other technical metadata, please download and view the respective files below.  

 

DocuSign Express Service 

New Service Offerings 

The new DocuSign Express email service will be available to customers and “Offered” as of January 10th 2022.  The new Express email service certificates will be available in the service for consumption alongside the existing DocuSign Express email service until the “Force” date of March 9th 2022. After the Force date the new certificate will be the only option.  i.e. the current certificate will no longer be available for consumption.  The new service documentation and certificate is available below.

New Express Policies

New DocuSign Express email service certificate

 

Current DocuSign Express Mail Service

PKI documentation

     Root CA For DocuSign Express Mail Service

 

Site Certificates

     The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

Current Site Certificates

 

Intermediate and Root Certificate Authorities (CA) for Site Certificates 

Current Certificates

 

SSO Certificate 

SSO Service Provider certificate is optional for customers. Customers can choose to use it to sign AuthN requests and/or for saml response encryption. Download the new 2022 DocuSign SSO Self-Signed Certificate at https://www.docusign.com/file/105805, and learn more about this update at DocuSign SSO Cert Renewal - Action Required.  

.

Connect Certificates

The Connect certificates are used for Mutual TLS and for digitally signed, SOAP-formatted notification messages.

New Connect Certificates Availability & Schedule.

The common names in scope in this new certificate update are:

  • DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
  • DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
  • DocuSign European Services (EU): eu.connect.docusign.net
  • DocuSign Australian Services (AU): au.connect.docusign.net
  • DocuSign Canadian Services (CA): ca.connect.docusign.net

 

The renewed DocuSign Connect x.509 certificates listed below are slated to be introduced into the DocuSign Service in the January 2022 – April 2022 timeframe.

The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and consumption in the DocuSign Connect service alongside the current certificate and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

Notes:

*New certificates will have a maximum protection lifetime of 397 days. Customers should adjust their change schedules to manage updates to this new period.  

**Customers leveraging the older certificates after the enforce dates listed above will experience connectivity failures if they do not update their infrastructure updates to use the renewed certificates prior to the 2022 Force dates above.

 

  • Current Connect Certificates
  • The common name for each certificate is:
    • DocuSign Developer Sandbox (Demo): demo.connect.docusign.net
    • DocuSign North American Services (NA1, NA2, NA3, NA4): connect.docusign.net
    • DocuSign European Services (EU): eu.connect.docusign.net
    • DocuSign Australian Services (AU): au.connect.docusign.net
    • DocuSign Canadian Services (CA): ca.connect.docusign.net
    • Intermediate Certificate: SHA2 Secure Server CA
    • Root Certificate: DigiCert Global Root G2 CA

 

Security Appliance Certificates​

        The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

 

  •      DocuSign Client certificate: expires on March 4, 2023. This new certificate is for both Demo and Production. This new certificate will be enforced as the sole certificate on March 31, 2022.

  • *** Testing the new certificate can start in the client's Demo environment after the offer date.

  •     *** Testing the new certificate can start in the client's Prod environment after March 7, 2022.

    • Current Security Appliance Certificate
    • Current DocuSign Client certificate: the current certificate for DocuSign Security Appliance client validation, expires on April 4, 2022
    •  
    • The required Root and Intermediate CA certificates are:
    • Intermediate certificate: expires on July 2, 2030
    • Root certificate: expires on January 15, 2038
    • DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.
    •  

    Account Server Certificates   

         The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

    • Current Account Server Certificates

    na.account.docusign.com (3KB): the new NA account server SSL certificate, expires June 24, 2022

    eu.account.docusign.com (3KB): the new EU account server SSL certificate, expires June 3 2022

    ca.account.docusign.com (3KB): the new CA account server SSL certificate, expires June 3 2022

    au.account.docusign.com (3KB): the new AU account server SSL certificate, expires June 3 2022​

    account-d.docusign.com (2.6 KB): the current demo account server SSL certificate, expires on March 6, 2023

    account.docusign.com (2.6 KB): the current account server SSL certificate, expires on March 29, 2023

    • DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section.

    Note: a DigiCert High Assurance EV Root CA certificate and new DigiCert SHA2 Extended Validation Server CA intermediate certificate will be required for the current certificates above as well. 

    Intermediate Certificate: expires October 22, 2028 
    Root Certificate: expires November 9, 2031 

       

    Signed By Certificates

      The “Offer” dates specified below are the date the renewed certificate will be available for download on this site and the “Force” date is when the renewed certificate will be the only option i.e. the current certificate will no longer be available for consumption.

    Current Signed by Certificate

    • Signed by certificate (2.5 KB): the current Signed by certificate, expires on March 4, 2023
    •  
    • The required Root and Intermediate CA certificates are:

    • Intermediate certificate: expires on July 2, 2030

    • Root certificate: expires on January 15, 2038
    • DigiCert Root and Intermediate CA is also listed under “Intermediate and Root Certificate Authorities (CA)” section

     

    Entrust Certificates

    The current Certificates in Production are as follows: 

     

    DocuSign ECA Certificates

     

    DocuSign TSCP Certificates

     

    DocuSign France