diff --git a/src/Request.ts b/src/Request.ts
index 0d91a8d6..4e008a50 100644
--- a/src/Request.ts
+++ b/src/Request.ts
@@ -161,6 +161,17 @@ export type RequestOptions = {
   /** Default: `64 KiB` */
   highWaterMark?: number;
   signal?: AbortSignal | EventEmitter;
+  /**
+   * If `true`, the server certificate is verified against the list of supplied CAs.
+   * If verification fails, the request promise is rejected.
+   *
+   * This option is only effective when using the top-level request/curl wrapper with
+   * its default dispatcher. It may be ignored when using `HttpClient.request()`
+   * directly or when `dispatcher` is explicitly provided.
+   *
+   * Default: `true`
+   */
+  rejectUnauthorized?: boolean;
 };
 
 export type RequestMeta = {
diff --git a/src/index.ts b/src/index.ts
index 67604e15..d436dfec 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -50,12 +50,6 @@ export function getDefaultHttpClient(rejectUnauthorized?: boolean, allowH2?: boo
 }
 
 interface UrllibRequestOptions extends RequestOptions {
-  /**
-   * If `true`, the server certificate is verified against the list of supplied CAs.
-   * An 'error' event is emitted if verification fails.
-   * Default: `true`
-   */
-  rejectUnauthorized?: boolean;
   /** Allow to use HTTP2 first. Default is `false` */
   allowH2?: boolean;
 }
diff --git a/test/options.rejectUnauthorized.typecheck.test.ts b/test/options.rejectUnauthorized.typecheck.test.ts
new file mode 100644
index 00000000..15618c95
--- /dev/null
+++ b/test/options.rejectUnauthorized.typecheck.test.ts
@@ -0,0 +1,48 @@
+import { strict as assert } from 'node:assert';
+
+import { describe, it, beforeAll, afterAll } from 'vite-plus/test';
+
+import urllib from '../src/index.js';
+import type { RequestOptions } from '../src/index.js';
+import { startServer } from './fixtures/server.js';
+
+describe('options.rejectUnauthorized.typecheck.test.ts', () => {
+  let close: any;
+  let _url: string;
+  beforeAll(async () => {
+    const { closeServer, url } = await startServer({ https: true });
+    close = closeServer;
+    _url = url;
+  });
+
+  afterAll(async () => {
+    await close();
+  });
+
+  it('should accept rejectUnauthorized on RequestOptions type', async () => {
+    // Type check: rejectUnauthorized should be assignable on RequestOptions
+    const options: RequestOptions = {
+      rejectUnauthorized: false,
+      dataType: 'json',
+    };
+    const response = await urllib.request(_url, options);
+    assert.equal(response.status, 200);
+    assert.equal(response.data.method, 'GET');
+  });
+
+  it('should accept rejectUnauthorized = true on RequestOptions type', async () => {
+    const options: RequestOptions = {
+      rejectUnauthorized: true,
+      dataType: 'json',
+    };
+    await assert.rejects(
+      async () => {
+        await urllib.request(_url, options);
+      },
+      (err: any) => {
+        assert.match(err.message, /signed certificate/);
+        return true;
+      },
+    );
+  });
+});