SSL Communication

Integration with OneSpan Sign is secured via an SSL certificate issued by GlobalSign. Thus that GlobalSign intermediate certificate must be installed in your integration environment.

Integration Environment

In light of the Logjam security vulnerability, OneSpan Sign has increased its DH SSL key from 1024 bits to 2048 bits.

Older versions of Java and .NET will no longer be able to connect to OneSpan Sign, since they don't support the larger encryption key.

Certificate Details

Certificate serial#: 04 00 00 00 00 01 44 4e f0 3e 20
Thumbprint: 73 6a 4d c6 79 d6 82 da 32 15 63 64 7c 60 f6 99 f0 df c2 68

Download link: https://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt

OneSpan Sign Java SDKs

Minimum Requirements

Your JVM must be using Java 1.7.0_21 or higher.

To identify the Java version installed on your system, run the following command:

java -version

If you want to work with an OneSpan Sign Java SDK, download the 11 version.

To view Javadoc documentation for an OneSpan Sign Java SDK: (1) download the 11 version; (2) unzip the downloaded file; (3) run the file sdk-<version number>-javadoc.

The OneSpan Sign Java SDKs support Java 1.7_21 and higher.

For additional information, see the GitHub examples below.

SDK 11

• To download the OneSpan Sign Java SDK, click here.

Installing

To see if this certificate is already installed in your environment, run the following command:

keytool -list -keystore <JAVA_HOME/lib/security/cacerts> | grep -i 73:6a:4d:c6:79:d6:82:da:32:15:63:64:7c:60:f6:99:f0:df:c2:68

If the certificate is not installed, install it by running the following command:

keytool -importcert -alias GlobalSignIntermediateCA -keystore <JAVA_HOME/lib/security/cacerts> -file gsdomainvalsha2g2r1.crt

Sample Java Code

• Sample Java Code for Creating a Package
• More Java Examples

Maven Users

If you are a Maven user, add to your pom file the appropriate one of following dependencies.

For SDK 11:

<dependency>
     <groupId>com.silanis.esl</groupId>
     <artifactId>sdk</artifactId>
     <version>11.18</version>
</dependency>

If you want the version of the SDK that bundles all dependencies, add <classifier>jar-with-dependencies</classifier> to the dependency.

Java Diagnostics Application

If you are using Java to integrate, we recommend that you download and run our Diagnostics Application. That application checks the compatibility of your JVM with OneSpan Sign's SSL security settings.

You can download the Diagnostics Applicationhere.

To run the Diagnostics Application:

1. Ensure that you are on the Production JVM, or on a testing JVM that is identical to the Production JVM.
2. Run the following command:

java -cp securityscanner.jar com.silanis.esl.Scanner

3. If the test result is negative, an error message appears that begins: Your system is not compatible with eSignlive!

OneSpan Sign .NET SDKs

If you want to work with an OneSpan Sign .NET SDK, download the 11 version, and perform the extra configuration described below. For additional information, see the GitHub examples below.

Minimum Requirements

.NET

Your integration must use .NET framework 4.5 or higher.

To identify the .NET framework installed on your system, follow the instructions in this link: https://msdn.microsoft.com/en-us/library/hh925568

SDK 11

• To download the OneSpan Sign .NET SDK, click here.

Installing

To install the certificate, double-click the file gsdomainvalsha2g2r1.crt, and then select install certificate.

Sample .NET Code

• Sample .NET Code for Creating a Package
• More .NET Examples

Extra Configuration

After you've downloaded an OneSpan Sign .NET SDK, and extracted the package into the directory of your Visual Studio project, add the following as references within Visual Studio:

Newtonsoft.Json.dll
Silanis.ESL.dll

OneSpan Sign Mobile SDKs

Which Mobile SDK applies to you depends on your Operating System:

• To learn how to download and integrate the iOS SDK, click here.
• To learn how to download and integrate the Android SDK, click here.

OneSpan Sign APEX SDK

Written in APEX, the OneSpan Sign APEX SDK for Salesforce enables developers to integrate e-signing functionality into their custom apps on either Salesforce or the Force.com platform.

• To get started, please download the OneSpan Sign APEX SDK on GitHub.
• You can also view numerous code snippets and examples.
• If you have specific questions, check out our Developer Community.