SUPPORT.TWILIO.COM END OF LIFE NOTICE: This site,, is scheduled to go End of Life on February 27, 2024. All Twilio Support content has been migrated to, where you can continue to find helpful Support articles, API docs, and Twilio blog content, and escalate your issues to our Support team. We encourage you to update your bookmarks and begin using the new site today for all your Twilio Support needs.

Can I use my company's TLS certificate for API requests using the Twilio CLI?

Transport Layer Security (TLS) ensures data security during communication over a network. In modern browsers, a lock icon next to the address bar usually indicates a connection secured over TLS.

Some companies have restricted environments where some or all external outbound traffic is proxied through specialized equipment that provides visibility into encrypted traffic. In order to do this, the company might install additional CA certificates on each machine in the correct location for your trust store.

By proxying the external traffic using their own TLS certificate, the company is able to decrypt traffic from the machine to their server, then re-encrypt it before handing it off to the external outbound destination (such as the Twilio API). These certificates will also ensure that the lock icon will still be indicated next to the URL in the address bar when using a browser.

If you receive an error message such as  Error: unable to get local issuer certificate when using the Twilio CLI, you can take the following steps to resolve the connectivity issue:

If the above steps do not work, we recommend that you work with your company's Information Technology department to add * domains to their allow-list so that TLS traffic to Twilio will not be proxied.

Why doesn't the Twilio CLI use the bundle of trusted CA certificates already installed on my work machine?

The Twilio CLI is built using NodeJS which uses its own list of trusted CA certificates instead of a default trust store. 


If you encounter TLS issues when making Twilio API requests using the CLI, you may need to set an environment variable for your company's CA certificates.

Additional resources

Have more questions? Submit a request
Powered by Zendesk