Add a custom certificate

By default, Zulip generates a signed certificate during the server install process. In some cases, a server administrator may choose not to use that feature, in which case your Zulip server may be using a self-signed certificate. This is most common for Zulip servers not connected to the public internet.


Most browsers will show a warning if you try to connect to a Zulip server with a self-signed certificate.

If you are absolutely, 100% sure that the Zulip server you are connecting to is supposed to have a self-signed certificate, click through the warnings and follow the instructions on-screen.

If you are less than 100% sure, contact your server administrator. Accepting a malicious self-signed certificate would give a stranger full access to your Zulip, including your username and password.


For safety reasons, we require you to manually enter the certificate details before you can connect to your Zulip server. You'll need to get a certificate file (should end in .crt or .pem) from your server administrator.

  1. Click on the gear () icon in the lower left corner.

  2. Select the Organizations tab.

  3. Under Add Custom Certificates, enter your organization URL and add the custom certificate file (should end in .crt or .pem).