Integration with OneSpan Sign is secured via an SSL certificate issued by GlobalSign. Thus that GlobalSign intermediate certificate must be installed in your integration environment.
In light of the Logjam security vulnerability, OneSpan Sign has increased its DH SSL key from 1024 bits to 2048 bits.
Older versions of Java and .NET will no longer be able to connect to OneSpan Sign, since they don't support the larger encryption key.
Certificate serial#: 04 00 00 00 00 01 44 4e f0 3e 20 Thumbprint: 73 6a 4d c6 79 d6 82 da 32 15 63 64 7c 60 f6 99 f0 df c2 68
Download link: https://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt
Your JVM must be using Java 1.7.0_21 or higher.
To identify the Java version installed on your system, run the following command:
If you want to work with an OneSpan Sign Java SDK, download the 11 version.
To view Javadoc documentation for an OneSpan Sign Java SDK: (1) download the 11 version; (2) unzip the downloaded file; (3) run the file
The OneSpan Sign Java SDKs support Java 1.7_21 and higher.
For additional information, see the GitHub examples below.
To download the OneSpan Sign Java SDK, click here.
To see if this certificate is already installed in your environment, run the following command:
keytool -list -keystore <JAVA_HOME/lib/security/cacerts> | grep -i 73:6a:4d:c6:79:d6:82:da:32:15:63:64:7c:60:f6:99:f0:df:c2:68
If the certificate is not installed, install it by running the following command:
keytool -importcert -alias GlobalSignIntermediateCA -keystore <JAVA_HOME/lib/security/cacerts> -file gsdomainvalsha2g2r1.crt
Sample Java Code
If you are a Maven user, add to your pom file the appropriate one of following dependencies.
For SDK 11:
<dependency> <groupId>com.silanis.esl</groupId> <artifactId>sdk</artifactId> <version>11.18</version> </dependency>
If you want the version of the SDK that bundles all dependencies, add
<classifier>jar-with-dependencies</classifier> to the dependency.
If you are using Java to integrate, we recommend that you download and run our Diagnostics Application. That application checks the compatibility of your JVM with OneSpan Sign's SSL security settings.
You can download the Diagnostics Applicationhere.
To run the Diagnostics Application:
- Ensure that you are on the Production JVM, or on a testing JVM that is identical to the Production JVM.
- Run the following command:
- If the test result is negative, an error message appears that begins: Your system is not compatible with eSignlive!
java -cp securityscanner.jar com.silanis.esl.Scanner
If you want to work with an OneSpan Sign .NET SDK, download the 11 version, and perform the extra configuration described below. For additional information, see the GitHub examples below.
Your integration must use .NET framework 4.5 or higher.
To identify the .NET framework installed on your system, follow the instructions in this link: https://msdn.microsoft.com/en-us/library/hh925568
To download the OneSpan Sign .NET SDK, click here.
To install the certificate, double-click the file
gsdomainvalsha2g2r1.crt, and then select install certificate.
Sample .NET Code
After you've downloaded an OneSpan Sign .NET SDK, and extracted the package into the directory of your Visual Studio project, add the following as references within Visual Studio:
Which Mobile SDK applies to you depends on your Operating System:
- To learn how to download and integrate the iOS SDK, click here.
- To learn how to download and integrate the Android SDK, click here.
Written in APEX, the OneSpan Sign APEX SDK for Salesforce enables developers to integrate e-signing functionality into their custom apps on either Salesforce or the Force.com platform.