I am building an app that relies on webhooks as a core part of its functionality. As of today (30th of December 2022), validating the webhook fails with the following error: “Invalid TLS certificate”.
Important things to note:
- The certificate is issued by Lets Encrypt (via certbot)
- The certificate is considered valid by Mozilla Firefox and Google Chrome
I have found the following (unsolved) issues on the developer forum:
- ¿Is Let's Encrypt certificate authority a valid CA for Zoom Webhooks?
- Unable to save (Add or Edit) Event Subscriptions for Zoom App
Both of these issues ended up being solved by globally disabling validation
API Endpoint(s) and/or Zoom API Event(s)
meeting.participant_joined_waiting_room
(https://marketplace.zoom.us/docs/api-reference/zoom-api/events/#operation/meeting.participant_joined_waiting_room)
Error
Invalid TLS certificate
How To Reproduce
Before you set this up, you need a domain you can test this with. ###
everywhere in these instructions (or domains referenced in third party instructions) refer to this domain.
- Spin up a server (we are using Vultr in Sydney as our provider, Ubuntu 22.04)
- Obtain a Lets Encrypt certificate by following the relevant instructions (Software: other, System: Ubuntu 20): Certbot Instructions | Certbot
- Clone down the example app (GitHub - trickypr/webhook-sample-node.js: Receive Zoom Webhooks) (this fork has https support)
- Run
npm install
- Set env variables (in .env)
ZOOM_WEBHOOK_SECRET_TOKEN
to the relevant secret (described in README) andPORT=443
- Set env
KEY=/etc/letsencrypt/live/###/privkey.pem
where ### is your certificate’s domain name - Set env
CERT=/etc/letsencrypt/live/###/cert.pem
where ### is your certificate’s domain name - Run the application via
node index.js
- Visit the domain you assigned in a web browser to see it is
- Secure and
- returning something like “Webhook Sample Node.js successfully running. Set this URL …”
- Go back to the webhook app that you got the secret from and register a webhook (e.g. “Participant was admitted into a meeting”) to
https://###/webhook
where ### is your domain - Press validate
- Text will popup below the URL box saying “Invalid TLS certificate”