ODINT
← Back to Cyber Tours

FirmaEC Endpoints

FirmaEC (National Digital Signature System) - Exposed Endpoints & Architecture

Summary

This annex summarizes exposed FirmaEC service endpoints and configuration decisions visible in the broader Ecuador digital signature stack.

Endpoints

Environment URL Protocol Status
Production API https://api.firmadigital.gob.ec/api HTTPS Active
Pre-production API
hibernate auto-update persistence.xml hibernate.hbm2ddl.auto = update in production — auto schema modification
SSL verification disabled All code + CI/CD GIT_SSL_NO_VERIFY: "true" in GitLab CI
JWT key auto-generated ServicioTokenJwt.java If jwt.key missing from standalone.xml, random key generated (changes on restart)

Production API Testing Results

Endpoint Method Result
api.firmadigital.gob.ec/api POST (form-urlencoded) HTTP 200 — "Se debe generar en Base64"
api.firmadigital.gob.ec/api/certificado/revocado POST HTTP 404
api.firmadigital.gob.ec/api/firmar POST HTTP 404
api.firmadigital.gob.ec/api/validarcertificadodigital POST HTTP 404
api.firmadigital.gob.ec/api/verificardocumento POST HTTP 404
impapi.firmadigital.gob.ec Any Timeout (IP-restricted)
testapi.firmadigital.gob.ec Any DNS doesn't resolve externally

Developer Info

Name Email Role
Misael Fernandez [email protected] FirmaEC API lead
Pablo Veintimilla [email protected] Project lead
Oscar Acero [email protected] / [email protected] Dev specialist
Jorge Pazmino [email protected] Dev specialist
Ricardo Arguello FirmaEC core architect / library developer

© 2026 Observatory for Digital Infrastructure and Network Transparency. Independent nonprofit.

Home | Privacy | Terms