Razorpay IPs and Certificates

List of changes that need to be done at your end for whitelisting Razorpay SSL certificates and IP addresses of Razorpay APIs and Webhooks.

Know about the changes you need to make in your environment to whitelist Razorpay-issued SSL certificates and IP addresses used to communicate with Razorpay APIs and Webhooks.

SSL certificates for api.razorpay.com with valid date ranges are listed below:

Certificate FileValid FromExpiry
& May 19th, 2022May 19th, 2023
& July 7th, 2021June 7th, 2022
& March 13th, 2020July 28th, 2021
& April 10th, 2019April 15th, 2020
& Feb 7th, 2016April 12th, 2019

As we roll out our infrastructure changes on a gradual basis, we recommend whitelisting our certificate as per Valid From/Expiry timelines. You should whitelist all the certificates in that range if they overlap.

Handy Tips

We highly discourage pinning our SSL Certificate to your applications. Use the certificates provided in the table above only if you are mandated by internal policies to whitelist Razorpay's SSL Certificates. Instead, you should use the

provided by your OS.

Requests to Razorpay APIs should be routed to api.razorpay.com. This will be resolved to various IPs controlled by our load balancers. However, if there is a restriction of IPs to which the requests should be sent, all your API requests can be routed to prod-api-static.razorpay.com. This will be resolved to any of the following IPs:

Handy Tips

All our SDKs use proper DNS caching and honour the TTLs that we set. However, if you are not using our SDKs, ensure that DNS TTLs set by Razorpay are honoured and are not cached aggressively.

List of Razorpay IPs from which Webhooks are sent from our servers:

We highly recommend using

to validate the integrity of the webhooks, even if you have whitelisted our Webhook IPs.