Ideas: * with local cert, cacert and key on the cli * with auto tls from echo * force redirect to https (middleware?)