0

I am trying to test my app with the Demo DocusignAPI at using the endpoint https://demo.docusign/net/restapi/v2/

Question: Is a self-signed SSL certificate acceptable when using the Demo endpoint?

I ask because when I try to use the create_envelope_from_document call, I get the following error message, and I'm trying to determine if my use of a self-signed certificate is contributing to the error:

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed)

I am using ruby 1.9.3 and rails 3.2.13 on Ubuntu 12.04.

GBatta
  • 41
  • 1
  • 9

1 Answers1

0

Are you talking about including an SSL cert for the event notifications? The only mention I see from their documentation when I search for "SSL" is the 

signMessageWithX509Cert

property on the eventNofication object. This can be viewed on several of their api guide pages like this one.

In any case, with all of the comments that have come in on this thread so far I believe your issue is related to your certificates and not with the DocuSign API. Were you able to resolve this yet?

Ergin
  • 9,254
  • 1
  • 19
  • 28
  • Yes, I am trying get event notifications, as I need them to employ embedded signing. – GBatta Jul 03 '13 at 23:49
  • My understanding is Docusign requires non-self-signed certificates, but I wasn't sure if this was only true for production environments. – GBatta Jul 04 '13 at 00:03
  • Do you mean you need them from a business/security perspective to get embedded signing to work? Embedded signing definitely works without SSL... URL tokens are generated that are only valid for 5 mins. In any case, this should work in demo so error might be with you certificate... – Ergin Jul 04 '13 at 00:21
  • For an example of embedded signing see here, examples in 6 different languages, none use SSL: http://iodocs.docusign.com/APIWalkthrough/embeddedSigning – Ergin Jul 04 '13 at 00:30
  • No, not at all from a business/security perspective. I've installed the docusign_rest gem from https://github.com/j2fly/docusign_rest and have been attempting to follow the documentation there, but received this error message. Glad to know embedded signing should work without SSL, so error is probably with my certificate, as you note. Thanks very much, this helps isolate the issue. – GBatta Jul 04 '13 at 00:42
  • We are also using the docusign_rest gem in conjuction with our own code to create composite templates and embedded signing. We are using docusing_rest for logging in and are stumped with the same SSL problem on the server we are trying to deploy (not localhost). Could you explain how you have achieved to skip SSL for docusign logging? We did try loading ca-certificates as recommended in other places, but that solution is not working well. It would be great if we can skip this check for demo. Thanks! – Shalvika Jul 24 '13 at 20:59
  • Hi, I just noticed your comment! I'm trying to recall what I did; I believe what worked for me is documented here: http://stackoverflow.com/questions/8101377/certificate-verify-failed-openssl-error-when-using-ruby-1-9-3. I had to download a new certificate, and then rename it to "cert.pem." – GBatta Jul 27 '13 at 05:02
  • Also, one docusign_rest repo fork talks about modifying the certs for testing purposes, though I haven't tried his solution: https://github.com/codeandfury/docusign_rest/tree/template-custom-fields – GBatta Jul 27 '13 at 05:11