Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/onlinezo/public_html/wp-includes/functions.php on line 6114
Untrusted Server Certificate issues in Zoom App

Untrusted Server Certificate issues in Zoom App

In certain circumstances, you may encounter an error called Untrusted Server Certificate which occurs when the Zoom application sees a certificate (one of the elements used to establish trust) which is not the one that is expected to be displayed. This may occur for a variety of reasons, including improper setup of the Zoom server.

Zoom provides its customers with proactive security measures such as Untrusted Server Certificate alerts. The Zoom team notifies you that something unexpected has occurred in the way your data has been handled. It may be an indication of a Man-In-The-Middle (MITM) attack, but it is more likely that you have misconfigured your network equipment in the home or business. The greater number of people who work from home (WFH) today means that VPN connections are often the cause of this notification.

Follow this article if you see the following error notification from Zoom:

Security Warning: Untrusted Server Certificate
The connection you are making is not secure. You may be at risk of thieves stealing your financial information or personal information from Zoom. There is no evidence that this server belongs to Zoom. There is a Gateway Authentication certificate on this server.

Notice: Untrusted Server Certificate alerts have now been expanded to include additional information such as the server name on the certificate was incorrect, a failed revocation check, an untrusted certifying authority, or an invalid certificate or associated chain. In addition to being able to look at certificates, users will also be able to troubleshoot issues related to their certificates.

How to resolve Untrusted Certificate errors on personal devices (desktop and mobile)

Resolve time-misalignment

Typically, certificate issues can be attributed to time misalignment, which can have a number of effects. This can occur in cases where you set the time or date of your device incorrectly or when it is not set correctly for the system. Travelers commonly encounter this issue, so it isn’t surprising that you have come across it also in the past.  Nowadays, the vast majority of personal devices involve some type of Network Time Protocol (NTP) server that is widely available, but some devices may be set up in the office to use a local NTP server that is difficult to reach from home.

If your time is incorrect, the first thing you should try is to change this setting and reboot the system before attempting to connect again. If you give the correct time, you may be experiencing the effects of the network security infrastructure.

Resolve Untrusted Certificate

Normally, your IT Admin(s) would have to acquire and install a signed and trusted certificate online if changing the date and time does not help. Then, it would be applied to your device – or to the system they’re using – that would not be passing the expected certification onto you. The IT environment of each enterprise is different; so, your IT organization will have to independently decide how (or whether) to handle this message. Alternatively, your IT organization may just say that you can continue to connect and click Trust Anyway.

You can easily generate this type of alert at home by using many products and services that are available.

I would like to give an example of a message like this by citing the Circle by Disney®. When the device is known and trusted, you can click Trust Anyway to continue uninterrupted on the desktop client if you know it and trust it.

How to resolve Untrusted Certificate errors on shared devices (Zoom Rooms)

There are often NTP/timing errors seen with Zoom Rooms devices as the device time has yet to update or cannot reach the designated Network Time Protocol (NTP) server, especially after coming online for the first time.

There is no way for Zoom to understand the specifics of your individual networking environment. If you are unsure of a connection, verify that it works before selecting Trust Anyway. I have always believed that you should always be more cautious if you are using a public Wi-Fi network (coffee shop, library, etc.).


Frequently Asked Questions

 

Click on Advanced, then Single Sign-On in the navigation menu at the top of the page. In the Service Provider (SP) Certificate section, select the Zoom Certificate (Expires on 01/04/2023 UTC) and then click Edit next to the certificate (Expires on 01/04/2023 UTC). In the event that this action is performed, the certificate will be updated in order to achieve the longest expiration date (the certificate with the longest expiration date).

Untrusted Certificates and how to resolve them

There is a possibility that your IT Administrator(s) may have to procure and install a signed and trusted certificate from the internet to replace an untrusted certificate that is not helpful in correcting the time. This will occur if correcting the time is not successful. This would then be applied to your device, or it would be applied to the system they are using, which isn’t passing the desired certificate to you when it should.

 
Zoom’s official website says that, according to their “Security Warning: Untrusted Server Certificate” notification, if a connection is made using an untrusted server, or if your device is connected to a VPN, the “Security Warning: Untrusted Server Certificate” notification will often appear. If there is a problem with VPN on your device, then you can disable it in order to solve it.
 

I have fixed issue #6 by disabling the VPN.

When a user is simultaneously using a VPN service provider as well as Zoom, the Zoom error 5003 Android seems to pop up more often than not.

 
This link will take you to a page with information about Zoom’s service status and maintenance periods, which will give you up to date information about Zoom’s service status and maintenance periods. There will be an email, text message, or webhook notification sent every time an incident is created, updated, or resolved. A webhook, a text message, or an email can be used to subscribe to updates.