ESCWA can be configured for TLS security. See Configuring TLS for the ESCWA Client for more information. When this configuration is performed you must ensure that the process that accesses the API also trusts the root certificate authority which signed the certificate that ESCWA is using for TLS.
For the ESCWA application, or the interactive API, this will be the browser which you are using.
If you are using a scripting language like PowerShell or Python, you will need to ensure that they trust the root certificate authority before making API requests to the TLS enabled ESCWA.