diff --git a/core/server_config.go b/core/server_config.go
index b99fa9cffc..a76ad3883b 100644
--- a/core/server_config.go
+++ b/core/server_config.go
@@ -85,6 +85,7 @@ type TLSConfig struct {
 	CertKeyFile          string `koanf:"certkeyfile"`
 	TrustStoreFile       string `koanf:"truststorefile"`
 	legacyTLS            *NetworkTLSConfig
+	InsecureSkipVerify   bool `koanf:"insecureskipverify"`
 }
 
 // Enabled returns whether TLS should be enabled, according to the global config.
diff --git a/pki/pki.go b/pki/pki.go
index f158a650ab..84cf2b6acd 100644
--- a/pki/pki.go
+++ b/pki/pki.go
@@ -94,6 +94,7 @@ func (p *PKI) CreateTLSConfig(cfg core.TLSConfig) (*tls.Config, error) {
 		return nil, err
 	}
 	_ = p.SetVerifyPeerCertificateFunc(tlsConfig) // no error can occur
+	tlsConfig.InsecureSkipVerify = cfg.InsecureSkipVerify
 	return tlsConfig, nil
 }