Bob_Zimmerman
Authority

Policy Package HTTPS Settings?

I'm looking at management API v1.9 right now. 'show package' returns a boolean value for "https-inspection-policy" and an object for "https-inspection-layer".

'set package' doesn't appear to accept a boolean for "https-inspection-policy", and the object reference is "https-layer" with no "inspection-" in the middle.

Is this intended? How do you remove HTTPS inspection from an existing policy package?

PhoneBoy
Admin

Have you tried using a null string for the HTTPS Inspection policy?
Otherwise, I'm not sure how you'd disable HTTPS Inspection in an existing policy package as there doesn't appear to be an official endpoint to do so.
Paging @Omer_Kleinstern 

Bob_Zimmerman
Authority

The API accepts an empty string without an error, but it either leaves the https-layer alone or it sets it to "Default Layer" (I only have the one HTTPS layer in my lab, so I don't know which it's doing). "None", "null", "nil" all complain the object isn't found. Various special UUIDs such as 97aeb36a-9aea-11d5-bd16-0090272ccb30 (the UUID for the None object) all throw "Runtime error: HV000028: Unexpected exception during isValid call." (I didn't expect these to work).

This isn't a big deal, just odd.

Omer_Kleinstern
Employee

The only way to remove HTTPS inspection is by removing the access policy (access false). 

This is true for API and SmartConsole.

Bob_Zimmerman
Authority

Derp. That's what I get for digging into the API surrounding a feature I don't really use much.

Is there any particular reason 'show package' includes 'https-inspection-policy' as a separate flag from 'access'? Is there ever a potential for the two of them to have different values?

Youssef_Obeidal
Employee

Why do you think not showing them separately in the show and set commands?

The values are different: Access holds the Access layers, and https-inspection-policy holds the HTTPS inspection layer.

You can override the HTTPS inspection layer with other layers.

In case you don't want to use HTTPS, then make sure that the GW doesn't have HTTPS inspection on.

Bob_Zimmerman
Authority

It makes sense to show the HTTPS Inspection layer and the access layers separately, sure. Those are the keys 'https-inspection-layer' and 'access-layers', though. They are not what I'm talking about.

In 'show package', the returned data has a key 'access' containing a Bool for whether access control is enabled and a separate key 'https-inspection-policy' containing a Bool for whether HTTPS Inspection is enabled. It seems like those two will always have the same value, won't they? So having two separate keys is a little odd.

The description of 'https-inspection-policy' even says "True - enables, False - disables HTTPS Inspection policy, empty - nothing is changed." but you can't set it.

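An added example, not part of the original thread and not Check Point code: a Python check over 'show package' replies that lists packages where 'access' and 'https-inspection-policy' differ, and diffs two snapshots of one package to see what a 'set package' call actually changed in its HTTPS Inspection state. The sample replies are constructed, carry only the keys named in this thread plus assumed 'name' and 'uid' fields, and the function names are hypothetical.

```python
# Constructed sample data: shaped like 'show package' replies, limited to the
# keys discussed in the thread. Names and UIDs are placeholders, and the
# "Branch" entry exists only to exercise the mismatch check.
LAYER = {"name": "Default Layer", "uid": "00000000-0000-0000-0000-000000000001"}
PACKAGES = [
    {"name": "Standard", "access": True, "https-inspection-policy": True,
     "https-inspection-layer": LAYER},
    {"name": "TP_Only", "access": False, "https-inspection-policy": False},
    {"name": "Branch", "access": True, "https-inspection-policy": False},
]

# Snapshots of one package before and after two different 'set package' calls.
BEFORE = PACKAGES[0]
AFTER_EMPTY_LAYER = dict(BEFORE)  # assumed: an empty "https-layer" changed nothing
AFTER_ACCESS_FALSE = {"name": "Standard", "access": False,  # assumed reply shape
                      "https-inspection-policy": False}


def https_state(pkg):
    """Reduce a package object to the fields that describe HTTPS Inspection."""
    layer = pkg.get("https-inspection-layer") or {}
    return {
        "access": pkg.get("access"),
        "https-inspection-policy": pkg.get("https-inspection-policy"),
        "layer-uid": layer.get("uid"),
        "layer-name": layer.get("name"),
    }


def flag_mismatches(packages):
    """Names of packages whose two boolean flags do not hold the same value."""
    out = []
    for pkg in packages:
        state = https_state(pkg)
        if state["access"] != state["https-inspection-policy"]:
            out.append(pkg.get("name"))
    return out


def diff_state(before, after):
    """Map each changed field to its (old, new) pair; empty dict means no change."""
    b, a = https_state(before), https_state(after)
    return {key: (b[key], a[key]) for key in b if b[key] != a[key]}


if __name__ == "__main__":
    print("flag mismatches:", flag_mismatches(PACKAGES))
    print("after empty https-layer:", diff_state(BEFORE, AFTER_EMPTY_LAYER))
    print("after access false:", diff_state(BEFORE, AFTER_ACCESS_FALSE))
```

Comparing the layer UID before and after the call settles whether an empty "https-layer" left the layer alone, even when only one HTTPS layer exists by name.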
PhoneBoy
Admin

I suspect enabling/disabling HTTPS Inspection in a specific policy package is done through a non-REST API method.
Which would explain why the API doesn't have a way to specify it currently.
