>_OpenCode
~/content/network

Network

Configure proxies and custom certificates.

last_updated: "2026-01-20"

OpenCode supports standard proxy environment variables and custom certificates for enterprise network environments.

##Proxy

OpenCode respects standard proxy environment variables.

bash
# HTTPS proxy (recommended)
export HTTPS_PROXY=https://proxy.example.com:8080

# HTTP proxy (if HTTPS not available)
export HTTP_PROXY=http://proxy.example.com:8080

# Bypass proxy for local server (required)
export NO_PROXY=localhost,127.0.0.1

:::caution The TUI communicates with a local HTTP server. You must bypass the proxy for this connection to prevent routing loops. :::

You can configure the server's port and hostname using CLI flags.

###Authenticate

If your proxy requires basic authentication, include credentials in the URL.

bash
export HTTPS_PROXY=http://username:password@proxy.example.com:8080

:::caution Avoid hardcoding passwords. Use environment variables or secure credential storage. :::

For proxies requiring advanced authentication like NTLM or Kerberos, consider using an LLM Gateway that supports your authentication method.

##Custom certificates

If your enterprise uses custom CAs for HTTPS connections, configure OpenCode to trust them.

bash
export NODE_EXTRA_CA_CERTS=/path/to/ca-cert.pem

This works for both proxy connections and direct API access.

Comments (Coming Soon)

Configure Giscus in environment variables to enable comments.