+ Start a Discussion
Saurabh Kulkarni 37Saurabh Kulkarni 37 

HTTP callout certificate requirements

I'm making a REST callout to a client webservice which is a https URL. I know that salesforce cannot make a call to an endpoint which has self-signed certificate. The certificate which client has on the endpoint is signed by thier company named CA, say "CompanyX CA". Is there any list of CA that is supported by Salesforce? or if the endpoint certificate signed by any CA would work for callout?
Hi Saurabh,

You can refer following Knowldge article which talks about SSL certificates Salesforce support.

In addition if its for outbound messaging you can refer https://developer.salesforce.com/page/Outbound_Messaging_SSL_CA_Certificates

Saurabh Kulkarni 37Saurabh Kulkarni 37
Thank you Prasanna for your response.

Is there any way by which the outbound call we are doing can trust this client certificate? The client is not ready to get a new certitficate signed by some public CAs. They already have certificate signed by CA of their own company which is not listed in the link you mentioned.

what all options can be there in this case? I'm making the REST callout through apex.