- Problem: Using an untrusted CA or self-signed certificate
Fix: Use a public CA issued SSL certificate for the webhook callback server.
What's New
Get Started
Administer
Send, Sign, and Manage Agreements
Advanced Agreement Capabilities and Workflows
Integrate with other products
Acrobat Sign Developer
Support and Troubleshooting
Two-way SSL, often called Client-Side SSL or mutual TLS, is a mode of SSL wherein both the server and the client (web browser) present certificates to identify themselves.
Account admins can configure a client-side certificate on the Security Settings page.
Acrobat Sign verifies the SSL certificates when delivering payloads to the webhook URL. Webhooks that fail the SSL certificate verification will not deliver the JSON payload successfully.
Use Two-way SSL to authenticate the client (Acrobat Sign) and listening service to ensure that only Acrobat Sign can reach your webhook URL.
If the webhook was created by a Partner Application, the webhook will use a client certificate (if available) from the Partner Application's Account to identify itself when sending webhook notifications.
Below are the most common questions for both the web server verification process and the client certification verification.
During the registration of a webhook, Acrobat Sign verifies the webhook server URL.
Customers won't be able to register the webhook if the connection to the webhook callback URL cannot be completed from Acrobat Sign.