Communicating via WebSocket
The Personal Certificate Client (PCC) is a local process that runs as an executable on a host computer. Specifically, the PCC acts as a local server that communicates with OneSpan Sign’s JavaScript libraries via WebSocket.
The following sections discuss various aspects of this WebSocket communication:
Required SSL Certificate
The PCC executable communicates with OneSpan Sign’s JavaScript libraries over a TLS connection. This communication uses an SSL certificate provided by the PCC Installer. This certificate is issued to localhost.esignlive.com.
The current version of the product provides a certificate that expires on August 20, 2024. OneSpan Sign will provide updates with renewed SSL certificates each time the current SSL is about to expire. In particular:
-
Windows users with Consumer Edition installations will receive an update whenever: (1) an update is available; (2) the user tries to access OneSpan Sign’s service.
-
Windows customers with Corporate Edition installations will receive an updated version of the Installer when it becomes available. They can then install the updated version, preferably via MS Group Policies (or by installing it manually — for manual instructions, click here).
-
Users with macOS installations will receive an update whenever: (1) an update is available; (2) the user tries to access OneSpan Sign’s service.
Using an External Proxy
If the end-user's environment is using an External Proxy, the WebSocket communication will not work as expected without additional configuration.
If an External Proxy is being used, requests to the PCC executable will be redirected to the proxy, which will resolve localhost.esignlive.com into 127.0.0.1 (using the DNS). Requests to the PCC executable will fail because the proxy will not find OneSpan Sign’s service running on its local 127.0.0.1.
Using an External Proxy thus requires end-users or an IT Department to bypass the proxy server for the address localhost.esignlive.com by suitably configuring the proxy’s settings.
WebSocket’s Connection Ports
WebSocket is automatically connected to one of the following hard-coded ports:
-
26666
-
31222
-
32444
-
44555
-
47777
-
48888
OneSpan Sign’s JavaScript library expects the PCC executable to use one of these six ports.