E-Signing

Get started
Step 1
Step 2
Step 3
​E-Signing APIs
Overview
Signed document formats
E-Signing validator
Web Service functions
Insert sign order
Manage sign orders
Get sign order info
Signed documents
Error response
User experience
Functions
Authentication-based signing
Multi-document signing
Notification call back
eIDs
BankID (NO)
BankID (SE)
BankID on mobile (NO)
Buypass
MitID (DK)
Mobiilivarmenne (FI)
Mobile-ID
Nets One time code
Nets Passport Reader
Smart-ID
Verimi
Finnish Bank ID
Test Users
Service access
KeyUtil
Operational information
Release notes
Error codes
Web Service error codes
User flow error codes
Terms and expressions
Contact us

Service access

​​E-Signing is accessible through both Internet and an Extranet to Nets. A customer test environment is always available as long as you are a customer. At this page you find information about the URLs and IP addresses to the service and how to get your own test and production setup.

Access Endpoints​​

The different URLs  to customer test and production:

​Interface​Customer test​Production
​TrustSignMessage (Internet)https://order.sign-preprod1.nets.eu/tsos/XmlGwhttps://order.e-sign.nets.eu/tsos/XmlGw
​TrustSignMessage (Extranet)https://order-ext.sign-preprod1.nets.eu/tsos/XmlGwhttps://order-ext.sign.nets.eu/tsos/XmlGw
​SignWebhttps://www.sign-preprod1.nets.eu/signhttps://www.e-sign.nets.eu/sign
​XML distributionhttp://91-102-27-1.nets.nohttp://dist.ts.bbs.no
​E-Signing validatorhttps://www.sign-preprod1.nets.eu/validator/index.htmlhttps://www.e-sign.nets.eu/validator/index.html
The different IP addresses to the service:
​Interface​Internet​Extranet
​XML notification (customer test)91.102.27.191.102.26.126
​XML notification (production)91.102.24.15391.102.26.126
​TrustSignMessage (customer test)

91.102.28.53:443

193.161.30.230

​TrustSignMessage (production)91.102.28.89:44391.102.25.184:443
​SignWeb (customer test)

91.102.28.52:443

​Internet only
​SignWeb (production)
91.102.28.79:443
​​Internet only

Legacy endpoints​

The below production endpoints will stop working after 15th December 2024:

​Interface​​Production
​TrustSignMessage (Internet)
https://order.sign.nets.eu/tsos/XmlGw
​SignWebhttps://www.sign.nets.eu/sign
​E-Signing validator​https://www.sign.nets.eu/validator/index.html

TLS Security

The communication with E-Signing is secured using HTTPS. The server certificate used is issued under one of the following Root CAs:

Make sure that both these root CAs are trusted in your applications.

E-Signing only supports TLS 1.2 in the communication. 

XML notification call back​

If XML notification call back shall be used, Nets must be provided with the IP address and port (either 80 or 443). Three authentication models are supported:

  • Basic authentication: Nets must be provided with username and password
  • SSL: Nets must be provided with the root CA certificate
  • SSL client authentication: Nets must be provided with the issuing CA certificate and the client certificate/key store

Read more about notification call back.

Nets issued certificate for SDO seal and merchant sign

Nets offers an organisation certificate to our customers to be used for SDO seal and merchant signing. The certificate will be issued by "Nets AS Intermediate CA". Download the CA certificate chain.

Test and production configuration

To use the E-Signing service, a customer needs its own test and production configuration to use the service.

Note: The demo app available in the get started guide will give you access to a common test configuration. This is predefined and can be used to try out the service. It is however recommended to get your own test configuration when you develop and test your own applications.

Test

To setup your test configuration, follow the below steps:

  1. Contact Nets support to request a test access.
  2. Fill out the information requested from Nets support and return to the given address. This includes:
    1. Info about your organisation.
    2. The service(s) to use.
    3. URLs to your application(s).
    4. The eIDs you will use and some info about specific eID settings.
    5. XML notification call back info (if used).
    6. If using Standalone UI, logo file (png/gif) 150 pixels wide by 88 high.
  3. Generate a certificate request (*.p10 file) for signing and SSL client authentication and return to the given address. The KeyUtil tool may be used to generate this.
  4. Nets support will set up your test configuration and give you the needed credentials (MerchantID and certificate).

To test your application, a set of test users are available here

Production

To setup your production configuration, follow the below steps:

  1. Contact Nets support to request production access.
  2. Fill out the information requested from Nets support and return to the given address. This includes:
    1. Info about your organisation.
    2. The service(s) to use.
    3. URLs to your application(s).
    4. The eIDs you will use and some info about specific eID settings.
    5. XML notification call back info (if used).
    6. If using Standalone UI, logo file (png/gif) 150 pixels wide by 88 high.
  3. Generate a certificate request (*.p10 file) for signing and SSL client authentication and return to the given address. The KeyUtil tool may be used to generate this.
  4. Dependent on the eIDs available you need to enter into an agreement with the specific eID either through Nets as a partner or directly with the eID.
  5. Nets support will set up your production configuration and give you the needed credentials (MerchantID and certificate).

Incident and change notifications

Nets sends out e-mail and SMS notifications to customers during on-going incidents and e-mail notifications in case of customer affected changes. Customers are added to our notification lists upon customer test and production configuration. To receive e-mail and/or SMS notificiations, send your contact details to our support using the Contact us form.  

Nets also sends out monthly SLA reports. If you as a customer wants to receive the report, send your contact details to support using the above form.