diff --git a/doc/examples/agent/simple.json b/doc/examples/agent/simple.json
index 2a7486c55a..3822807379 100644
--- a/doc/examples/agent/simple.json
+++ b/doc/examples/agent/simple.json
@@ -23,7 +23,7 @@
 
         // TLS require client certificates flag. Default is true and means
         // require client certificates. False means they are optional.
-        "file-required": true,
+        "cert-required": true,
 
         // Optional authentication.
         "authentication":
diff --git a/src/bin/agent/tests/ca_cfg_mgr_unittests.cc b/src/bin/agent/tests/ca_cfg_mgr_unittests.cc
index 0e61a79f4b..66784c269c 100644
--- a/src/bin/agent/tests/ca_cfg_mgr_unittests.cc
+++ b/src/bin/agent/tests/ca_cfg_mgr_unittests.cc
@@ -67,6 +67,25 @@ TEST(CtrlAgentCfgMgr, contextHttpParams) {
     EXPECT_EQ("alnitak", ctx.getHttpHost());
 }
 
+// Tests if context can store and retrieve TLS parameters.
+TEST(CtrlAgentCfgMgr, contextTlsParams) {
+    CtrlAgentCfgContext ctx;
+
+    // Check TLS parameters
+    ctx.setTrustAnchor("my-ca");
+    EXPECT_EQ("my-ca", ctx.getTrustAnchor());
+
+    ctx.setCertFile("my-cert");
+    EXPECT_EQ("my-cert", ctx.getCertFile());
+
+    ctx.setKeyFile("my-key");
+    EXPECT_EQ("my-key", ctx.getKeyFile());
+
+    EXPECT_TRUE(ctx.getCertRequired());
+    ctx.setCertRequired(false);
+    EXPECT_FALSE(ctx.getCertRequired());
+}
+
 // Tests if context can store and retrieve control socket information.
 TEST(CtrlAgentCfgMgr, contextSocketInfo) {
 
@@ -342,6 +361,16 @@ const char* AGENT_CONFIGS[] = {
     "            \"user-context\": { \"version\": 1 }\n"
     "        }\n"
     "    }\n"
+    "}",
+
+    // Configuration 9: https aka http over TLS
+    "{\n"
+    "    \"http-host\": \"betelgeuse\",\n"
+    "    \"http-port\": 8001,\n"
+    "    \"trust-anchor\": \"my-ca\",\n"
+    "    \"cert-file\": \"my-cert\",\n"
+    "    \"key-file\": \"my-key\",\n"
+    "    \"cert-required\": false\n"
     "}"
 };
 
@@ -578,4 +607,16 @@ TEST_F(AgentParserTest, comments) {
     EXPECT_EQ("true", ctx9->get("no password")->str());
 }
 
+// This test checks if a config with TLS parameters is parsed properly.
+TEST_F(AgentParserTest, configParseTls) {
+    configParse(AGENT_CONFIGS[9], 0);
+
+    CtrlAgentCfgContextPtr ctx = cfg_mgr_.getCtrlAgentCfgContext();
+    ASSERT_TRUE(ctx);
+    EXPECT_EQ("my-ca", ctx->getTrustAnchor());
+    EXPECT_EQ("my-cert", ctx->getCertFile());
+    EXPECT_EQ("my-key", ctx->getKeyFile());
+    EXPECT_FALSE(ctx->getCertRequired());
+}
+
 } // end of anonymous namespace