Disable SSL Certificate Checks#

Before you make any changes or contact Zapier support, use the SSL checker to verify your SSL certificates are installed properly!

What are SSL Certificates?#

SSL certificates are a very important part of the internet. These certificates allow encrypted communication between your browser and https://zapier.com. They also allow your browser to guarantee you're actually looking at the webpage we intended. Both of these details prevent would-be attackers from snooping on your private browsing or business data.

SSL certificates are also widely used when dealing with APIs. The same technology that lets your computer's browser talk securely to https://zapier.com also allows Zapier to talk securely to other web services (like Gmail, Salesforce, or Zendesk) in order to access your data on your behalf.

In order for SSL certificates to work, both parties (ie. your browser and https://zapier.com) must "trust" an independent third-party, known as a Certificate Authority (CA), who signs every SSL certificate they issue.

There are hundreds of CAs on the internet. In fact, for SSL to work properly, the list of CAs both parties "trust" must be continually updated -- an onerous detail.

You can find a list of the CAs we trust here.

How does Zapier use SSL Certificates?#

Zapier does checks against SSL certificates on every API call we make to ensure the data we send/receive is secure. Usually, the services we communicate with are responsible for setting up and managing the certificates, so users don't have to think about this part of the process.

Some services, however, allow you to specify your own domain (like Desk, JIRA, SugarCRM, Magento). In most cases, it's required that your domain also have its own SSL certificate for API communication to take place. More importantly, Zapier has to trust the CA that signed your SSL certificate!

It's possible that you'll purchase an SSL certificate that is issued by a CA that Zapier doesn't trust. This does not mean anything is wrong with that CA, we simply haven't added them to our list of trusted ones yet.

When Zapier encounters a certificate from an "untrusted" CA, you might see this type of error:

SSL Error on Zapier

In order to get around this verification step, click "Security" option in your user profile settings that allows you to disable SSL certificate checks. Essentially, this means both parties (your server and Zapier) don't have to trust the CA in order for communication to take place. You'll still need a signed SSL certificate, but we won't enforce that it is valid.

Disable SSL Certificate Checks on Zapier

WARNING: You should only do this as a last resort. Disabling these checks may enable an attacker to manipulate the data sent to Zapier or eavesdrop on data sent out of Zapier to websites with said SSL certificates. If you disable checks and adding an account still yields an SSL error, we highly recommend you revert the option back to enabled then contact support and we can debug further.

NOTE: We are respecting this "disable" option on a case by case basis for services. If you come across a service where you're still hitting SSL errors even after disabling the check, let us know. Currently, this option only affects:

  • Desk
  • Jira
  • Quickbooks
  • Redmine
  • RSS
  • SugarCRM
  • Webhooks

NOTE: An "SSL" error doesn't necessarily imply a certificate problem. For example: "SSLERROR: The read operation timed out" is actually not a certificate problem. This error simply indicates the remote server didn't respond to our requests in a timely manner.

↑ Was this documentation useful? Yes No (Suggest Edits)
Get Help