In Retool, you can make API requests with http, but not with https

Sorry for the abstract question.
In the API running through Retool,
If the URL is "http", it can be executed. However, it is not possible to execute with "https".
After investigating, I thought that it would be necessary to add a setting for "https" to docker.env, but I would like to know what specific settings need to be added.

1 Like

Hi @Ngashima, are you able to reach your https API from somewhere other than retool? Given that it's not working only with https requests, it might be an issue with your SSL certificate. I would recommend checking your DNS configuration and load balancer to ensure they're correctly configured for SSL. Also I would double check that the ports used for SSL (typically 443) are correctly exposed and mapped in your Docker configuration.

In Retool, what are the necessary settings for an API connection using HTTPS?

Can I refer to the following site?
If so, do I just need to set the SSL with Let's Encrypt and Connect to APIs using HTTPS?
Please let us know if there are any other necessary settings.

Hi @k-yanagihara, the doc you attached is for Retool Deployment. If you need to configure SSL for a resource, you do not need to do all of that. Follow this doc instead.

Hi @Paulo
Thank you for your reply.

Do I always have to click the Use self-signed certificates checkbox to connect to the API with https in Retool?

If so, please let me ask about the following

①Is it OK to leave CA Certificate, Client Key and Client Certifcate blank?

② For Verification modes, should I select Full verification ?

SSL/TLS may not be strictly required in all cases, but using it is highly recommended to ensure the privacy and security of your data. The choice between full verification, verifying the CA certificate, or skipping CA certificate verification depends on the level of security required for your specific use case. Generally, it's best to opt for full verification whenever possible to ensure the integrity and authenticity of the SSL/TLS connections.

@Ngashima, what endpoint are we trying to reach with the request? I'm surprised that the request can't be executed with https

@Paulo

If the API I want to connect to has a public certificate and does not require the client to provide a client-side certificate, can I just leave the settings on retool blank as shown below?

①Check Use self-signed certificates.
②CA Certificate, Client Key and Client Certificate are blank.

If the endpoint does not require it, then yes. You can leave those blank and just select Skip CA certificate.