This section describes the following aspects of your system that are required for a successful integration:
Integration with OneSpan Sign is secured via an SSL certificate issued by GlobalSign. Thus that GlobalSign intermediate certificate must be installed in your integration environment.
Certificate serial#: 04 00 00 00 00 01 44 4e f0 3e 20 Thumbprint: 73 6a 4d c6 79 d6 82 da 32 15 63 64 7c 60 f6 99 f0 df c2 68
Download link: https://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt
To see if this certificate is already installed in your environment, run the following command:
keytool -list -keystore <JAVA_HOME/lib/security/cacerts> | grep -i 73:6a:4d:c6:79:d6:82:da:32:15:63:64:7c:60:f6:99:f0:df:c2:68
If the certificate is not installed, install it by running the following command:
keytool -importcert -alias GlobalSignIntermediateCA -keystore <JAVA_HOME/lib/security/cacerts> -file gsdomainvalsha2g2r1.crt
To install the certificate, double-click the file
gsdomainvalsha2g2r1.crt, and then select install certificate.
In light of the Logjam security vulnerability, OneSpan Sign has increased its DH SSL key from 1024 bits to 2048 bits.
Older versions of Java and .NET will no longer be able to connect to OneSpan Sign, since they don't support the larger encryption key.
Your JVM must be using Java 1.7.0_21 or higher.
To identify the Java version installed on your system, run the following command:
Your integration must use .NET framework 4.5 or higher.
To identify the .NET framework installed on your system, follow the instructions in this link: https://msdn.microsoft.com/en-us/library/hh925568
If you are using Java to integrate, we recommend that you download and run our Diagnostics Application. That application checks the compatibility of your JVM with OneSpan Sign's SSL security settings.
You can download the Diagnostics Application here.
To run the Diagnostics Application:
- Ensure that you are on the Production JVM, or on a testing JVM that is identical to the Production JVM.
- Run the following command:
- If the test result is negative, an error message appears that begins: Your system is not compatible with eSignlive!
java -cp securityscanner.jar com.silanis.esl.Scanner