System Requirements

This section describes the following aspects of your system that are required for a successful integration:

SSL Communication

Integration with OneSpan Sign is secured via an SSL certificate issued by GlobalSign. Thus that GlobalSign intermediate certificate must be installed in your integration environment.

Certificate Details

Certificate serial#: 04 00 00 00 00 01 44 4e f0 3e 20
Thumbprint: 73 6a 4d c6 79 d6 82 da 32 15 63 64 7c 60 f6 99 f0 df c2 68

Download link:



To see if this certificate is already installed in your environment, run the following command:

keytool -list -keystore <JAVA_HOME/lib/security/cacerts> | grep -i 73:6a:4d:c6:79:d6:82:da:32:15:63:64:7c:60:f6:99:f0:df:c2:68

If the certificate is not installed, install it by running the following command:

keytool -importcert -alias GlobalSignIntermediateCA -keystore <JAVA_HOME/lib/security/cacerts> -file gsdomainvalsha2g2r1.crt


To install the certificate, double-click the file gsdomainvalsha2g2r1.crt, and then select install certificate.

Integration Environment

In light of the Logjam security vulnerability, OneSpan Sign has increased its DH SSL key from 1024 bits to 2048 bits.

Older versions of Java and .NET will no longer be able to connect to OneSpan Sign, since they don't support the larger encryption key.

Minimum Requirements


Your JVM must be using Java 1.7.0_21 or higher.

To identify the Java version installed on your system, run the following command:

java -version


Your integration must use .NET framework 4.5 or higher.

To identify the .NET framework installed on your system, follow the instructions in this link:

Java Diagnostics Application

If you are using Java to integrate, we recommend that you download and run our Diagnostics Application. That application checks the compatibility of your JVM with OneSpan Sign's SSL security settings.

You can download the Diagnostics Application here.

To run the Diagnostics Application:

  1. Ensure that you are on the Production JVM, or on a testing JVM that is identical to the Production JVM.
  2. Run the following command:
  3. java -cp securityscanner.jar com.silanis.esl.Scanner
  4. If the test result is negative, an error message appears that begins: Your system is not compatible with eSignlive!