All Products
Search
Document Center

Alibaba Cloud SDK:Configure HTTPS and TLS settings in the SDK

Last Updated:Jun 16, 2026

The Alibaba Cloud SDK V2.0 for Node.js uses HTTPS for all API requests and validates TLS certificates by default. You can customize these settings for specific compliance requirements or isolated test environments.

Client-level configuration (Config object)

Configure the protocol when you initialize the SDK client. These settings apply to all requests from that client instance.

Set the request protocol

The SDK sends all requests over HTTPS by default. While you can override this for legacy endpoints that only support HTTP, we strongly recommend using HTTPS to protect your data in transit.

Important

Using HTTP sends your request data, including credentials, in clear text. Only use HTTP in trusted, isolated environments.

const { Config } = require('@alicloud/openapi-client');

// This example overrides the secure default to use HTTP.
const config = new Config({
    protocol: 'HTTP',
});
import * as $OpenApi from '@alicloud/openapi-client';

// This example overrides the secure default to use HTTP.
const config = new $OpenApi.Config({
    protocol: 'HTTP', 
});

Request-level configuration (RuntimeOptions object)

Pass a RuntimeOptions object to override settings for a single API call, such as disabling certificate validation during testing.

Disable TLS certificate validation

The SDK validates TLS certificates for all HTTPS requests by default. In non-production environments, such as when using a proxy with a self-signed certificate, you may need to disable this validation temporarily.

Important

Disabling certificate validation is a security risk. Only use this option for testing in trusted environments. Never disable certificate validation in production code.

const { RuntimeOptions } = require('@alicloud/tea-util');

// This option skips certificate validation for a single API call.
const runtime = new RuntimeOptions({
    ignoreSSL: true,
});
import Util, * as $Util from '@alicloud/tea-util';

// This option skips certificate validation for a single API call.
const runtime = new $Util.RuntimeOptions({
    ignoreSSL: true,
});