An Untrusted Server Certificate error indicates that the certificate (one of the elements proving that data is only going to trusted locations online) that the Zoom application is seeing is not the certificate that was expected. This can happen for a variety of reasons.
Untrusted Server Certificate alerts are a proactive security measure provided by Zoom. You are notified that there is something unexpected in how your data from Zoom is being handled. While this can be indicative of a Man-In-The-Middle (MITM) attack, it is more commonly misconfigured networking gear within your home or enterprise. In today’s heavily work-from-home (WFH) culture, VPN connections can often create this notification as well.
Follow this article if you see the following error notification from Zoom:
Security Warning: Untrusted Server Certificate
Your connection is not private. Attackers might be trying to steal your personal or financial information from Zoom. This server could not prove that it is Zoom. Its certificate is from Gateway Authentication.
Note: Untrusted Server Certificate alerts will now provide additional information about the error such as the server name on the certificate is incorrect, failed revocation check, untrusted certifying authority, or an invalid certificate or associated chain. Users will also be able to view the certificates to assist in troubleshooting.
This article covers:
The most common cause of certificate issues is time-misalignment. This can occur when the time or date set for your device is incorrect or different then what the system expects. If you are a frequent traveler, you have likely encountered this in the past. Most personal devices today utilize some type of widely available Network Time Protocol (NTP) Server, but some machines are set to use a local NTP Server set up in the office which you may not be able to reach from home.
If your time is incorrect, you can start by changing this setting and rebooting before trying to connect again. If your time is correct, you may be under the effects of the network security infrastructure.
If correcting the time doesn't help, typically, your IT Admin(s) would need to procure and install a signed and trusted certificate online. They would then apply this onto your device—or into the system they’re using—that is not passing the expected certificate on to you. All enterprise IT environments are different; so, your IT organization will independently decide how (or if) to resolve this message. They may also just tell you to click Trust Anyway and continue connecting.
At home, there are many products and services that would generate this kind of alert automatically. An example of this would be the Circle by Disney®. In the case where the device is known and you trust it, you could click Trust Anyway and continue uninterrupted on desktop clients.
For Zoom Rooms devices, NTP/timing errors are often seen immediately after coming online for the first time as the device time has yet to update or cannot reach the designated Network Time Protocol (NTP) server.
Zoom cannot know the detailed information about your individual networking environment. It is always best to verify any connection before selecting Trust Anyway. If you’re in a public Wi-Fi environment (coffee shop, library, etc.), you should always be more cautious.