Skip to content
Latchkey

HTTPie https: Force TLS and Verify Certificates

The https command is HTTPie with the scheme forced to https, so https example.com requests over TLS.

HTTPie installs two entry points: http and https. They are the same program; https just defaults the URL scheme to TLS, saving you from typing the scheme.

What it does

https behaves exactly like http but assumes the https:// scheme when none is given. Certificate verification is on by default; --verify=no disables it and --verify <path> points at a custom CA bundle. --cert and --cert-key supply a client certificate for mutual TLS.

Common usage

Terminal
https example.com/api/health
https --verify=no example.com/api      # skip cert checking (test only)
https --verify=/etc/ssl/ca.pem example.com/api
https --cert=client.pem --cert-key=client-key.pem example.com/api

Options

FlagWhat it does
--verify=yes|noEnable (default) or disable certificate verification
--verify=<path>Use a custom CA bundle for verification
--cert=<file>Client certificate for mutual TLS
--cert-key=<file>Private key for the client certificate
--ssl=<version>Force a TLS version, e.g. tls1.2

In CI

Prefer pointing --verify at the CA bundle over turning verification off. --verify=no hides real chain problems and only belongs against a throwaway self-signed test server.

Common errors in CI

http: error: SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate means the chain is incomplete or the CA is not trusted on the runner; supply the bundle via --verify. [SSL: CERTIFICATE_VERIFY_FAILED] ... self signed certificate means a self-signed cert without a trusted anchor. [SSL: WRONG_VERSION_NUMBER] usually means you spoke TLS to a plain-HTTP port.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →