¿Is Let's Encrypt certificate authority a valid CA for Zoom Webhooks?

I’m trying to create a Webhook app using “https://softalks.com/zoom/handler” as “Event notification endpoint URL”. After pushing the “Validate” button I get the “Invalid TLS certificate” error message that makes impossible to go beyond

  • I’m using the https scheme
  • My server is using TLS 1.2
  • My certificate is valid, references a FQDN and has a valid certificate chain (you can type the URL in the Google Chrome location bar to test it)
  • My endpoint is able to process post requests with a JSON payload
  • My endpoint is also able to respond with an HTTP status code (204, if everything is Ok)

The only reason I can imagine to mark my TLS certificate as invalid is not to trust the CA issuing the certificate (Let’s Encrypt). I think I’m not the unique user of Let’s Encrypt trying to deal with Zoom webhooks so I suppose this is not the problem because I haven’t found anything about it in this forum

I miss also a list of valid certificate authorities to check if this is the real problem or to know where to go in order to get my server FQDN signed by a valid CA

So, if Let’s Encrypt is not valid for Zoom, please tell me one or more valid CA to try with. And, if it is valid, ¿could you help me please to make it work?

Thanks in advance

I think the issue is that they have not implemented validation yet even though they are enforcing it on the front end. Could be wrong but it seems like many people are experiencing this issue. Until I see a response to one of the posts on the topic I will assume this is the case and wait for the implementation or removal of the enforcement. Zoom Developer Docs

Hey @harold ,

That message in the docs is outdated and is being removed. The validation portion is implemented, and is working on my end when testing an Ngrok flow.

@harold , @santiago.ruiz , So we can get a baseline, are you able to successfully validate your Webhook when running this sample locally with Ngrok or on heroku?


Thank you for your fast response

I don’t know how Ngrok or heroku could help because my problem is not with the server code that is not even invoked when the “Validate” button is pressed

My problem seems to be a TLS problem but I need more information to solve it. Google Chrome has no problems with my TLS certificate but Zoom don’t like it

I’ve changed my certificate to be signed by another CA (To avoid Let’s Encrypt that is free) and my problem persists: “Invalid TLS certificate” . I could pay for a better CA because this was a 10 (lost) bucks trial but I prefer to be sure it’s necessary to do so

I need to know if my CA is good enough and, if not, a reference to the list of “Zoom friendly” certificate authorities

If the problem is not with my CA I need more information to fix it (Invalid TLS certificate is not enough)

Thank you

The “Validate” button is gone. I suppose I was not the only one having problems with it. I’ve created my webhook app and it is calling my server and accepting my TLS certificate

1 Like