HTTPie https: Force TLS and Verify Certificates
The https command is HTTPie with the scheme forced to https, so https example.com requests over TLS.
HTTPie installs two entry points: http and https. They are the same program; https just defaults the URL scheme to TLS, saving you from typing the scheme.
What it does
https behaves exactly like http but assumes the https:// scheme when none is given. Certificate verification is on by default; --verify=no disables it and --verify <path> points at a custom CA bundle. --cert and --cert-key supply a client certificate for mutual TLS.
Common usage
https example.com/api/health
https --verify=no example.com/api # skip cert checking (test only)
https --verify=/etc/ssl/ca.pem example.com/api
https --cert=client.pem --cert-key=client-key.pem example.com/apiOptions
| Flag | What it does |
|---|---|
| --verify=yes|no | Enable (default) or disable certificate verification |
| --verify=<path> | Use a custom CA bundle for verification |
| --cert=<file> | Client certificate for mutual TLS |
| --cert-key=<file> | Private key for the client certificate |
| --ssl=<version> | Force a TLS version, e.g. tls1.2 |
In CI
Prefer pointing --verify at the CA bundle over turning verification off. --verify=no hides real chain problems and only belongs against a throwaway self-signed test server.
Common errors in CI
http: error: SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate means the chain is incomplete or the CA is not trusted on the runner; supply the bundle via --verify. [SSL: CERTIFICATE_VERIFY_FAILED] ... self signed certificate means a self-signed cert without a trusted anchor. [SSL: WRONG_VERSION_NUMBER] usually means you spoke TLS to a plain-HTTP port.