Locking new features to HTTPS is easily the most frustrating web platform move, it rules out whole classes of appspic.twitter.com/KTVdtHDBPd
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Why can't you just get a junk domain like mycompany-internal[.]com and a wildcard cert?
wildcard certs are pretty hard to get these days iirc, but you also want SNI so third parties can't easily adopt the domain
remember https and webapps don't have any real code signing mechanism, so any stolen https url can be abused
with webapp permissions tied to https, that's actually Worse Than HTTP. 127.0.0.1 lock limits the damage a lot
Yes it's not following best practice of per-host certs (no wildcards) but it's a lot better than plain http.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.