diff --git a/tdx-cli/cmd/token.go b/tdx-cli/cmd/token.go
index fb6e29a..16c8d1f 100644
--- a/tdx-cli/cmd/token.go
+++ b/tdx-cli/cmd/token.go
@@ -79,6 +79,10 @@ func getToken(cmd *cobra.Command) error {
 		return errors.New("Either Trust Authority API URL or Trust Authority API Key is missing in config")
 	}
 
+	if !strings.HasPrefix(config.TrustAuthorityApiUrl, "https://") {
+		return errors.New("Invalid Trust Authority API URL, must start with 'https://'")
+	}
+
 	_, err = url.ParseRequestURI(config.TrustAuthorityApiUrl)
 	if err != nil {
 		return errors.Wrap(err, "Invalid Trust Authority API URL")
diff --git a/tdx-cli/cmd/verify.go b/tdx-cli/cmd/verify.go
index 9c0c194..3aafcda 100644
--- a/tdx-cli/cmd/verify.go
+++ b/tdx-cli/cmd/verify.go
@@ -12,6 +12,7 @@ import (
 	"fmt"
 	"net/url"
 	"os"
+	"strings"
 
 	"github.com/intel/trustauthority-client/go-connector"
 	"github.com/intel/trustauthority-client/tdx-cli/constants"
@@ -65,6 +66,10 @@ func verifyToken(cmd *cobra.Command) error {
 		return errors.New("Trust Authority URL is missing in config")
 	}
 
+	if !strings.HasPrefix(config.TrustAuthorityUrl, "https://") {
+		return errors.New("Invalid Trust Authority URL, must start with 'https://'")
+	}
+
 	_, err = url.ParseRequestURI(config.TrustAuthorityUrl)
 	if err != nil {
 		return errors.Wrap(err, "Invalid Trust Authority URL")