Summary
The developer API endpoint at https://app-api-developer.ce.bee.amazon.dev has a TLS certificate that fails standard validation in most HTTPS clients. The bee CLI works (presumably via cert pinning), but standards-compliant clients reject the cert. This blocks integrations from Cloudflare Workers, AWS Lambda, and any platform that enforces TLS verification.
Reproduction
Tested today (2026-05-22) from a Windows host on Comcast residential network.
bee CLI — works
$ bee me
# Profile
- timezone: America/New_York
- first_name: Michael
- last_name: Vassar
curl with default TLS validation — fails
$ curl https://app-api-developer.ce.bee.amazon.dev/v1/me
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection
curl with -k (skip TLS verify) — works
$ curl -k https://app-api-developer.ce.bee.amazon.dev/v1/me -H 'Authorization: Bearer <redacted>'
HTTP 200
{"id":43508,"first_name":"Michael","last_name":"Vassar","timezone":"America/New_York"}
Cloudflare Worker fetch() — fails
HTTP 526 ("invalid SSL certificate"). Workers cannot disable TLS validation, so this is an unrecoverable error from our side.
Diagnosis
- DNS resolves cleanly:
54.200.97.163, 52.11.252.226, 100.23.0.38, 52.43.132.146 (AWS us-west-2)
- The API itself is up and returning correct data
- The cert specifically is being rejected by standard validators — likely an incomplete chain, mismatched name, or untrusted intermediate
- Cert pinning in the bee CLI bypasses the issue but third-party integrations don't have access to that
Impact
Any developer trying to integrate Bee with cloud-based runtimes (Cloudflare Workers, AWS Lambda, GCP Cloud Functions, Vercel Edge Functions, etc.) currently can't. This is a meaningful blocker for the developer ecosystem you're building with the CLI + facts/todos write API.
Ask
Investigate the cert configuration on app-api-developer.ce.bee.amazon.dev — likely needs a corrected chain or rotation. Happy to provide additional reproduction details or test from another network if useful.
Thanks for the great hardware + API — looking forward to building more with it once this is resolved.
Summary
The developer API endpoint at
https://app-api-developer.ce.bee.amazon.devhas a TLS certificate that fails standard validation in most HTTPS clients. ThebeeCLI works (presumably via cert pinning), but standards-compliant clients reject the cert. This blocks integrations from Cloudflare Workers, AWS Lambda, and any platform that enforces TLS verification.Reproduction
Tested today (2026-05-22) from a Windows host on Comcast residential network.
bee CLI — works
curl with default TLS validation — fails
curl with -k (skip TLS verify) — works
Cloudflare Worker fetch() — fails
HTTP 526 ("invalid SSL certificate"). Workers cannot disable TLS validation, so this is an unrecoverable error from our side.
Diagnosis
54.200.97.163, 52.11.252.226, 100.23.0.38, 52.43.132.146(AWS us-west-2)Impact
Any developer trying to integrate Bee with cloud-based runtimes (Cloudflare Workers, AWS Lambda, GCP Cloud Functions, Vercel Edge Functions, etc.) currently can't. This is a meaningful blocker for the developer ecosystem you're building with the CLI + facts/todos write API.
Ask
Investigate the cert configuration on
app-api-developer.ce.bee.amazon.dev— likely needs a corrected chain or rotation. Happy to provide additional reproduction details or test from another network if useful.Thanks for the great hardware + API — looking forward to building more with it once this is resolved.