diff --git a/.env.example b/.env.example
index 53f005c..cb23c6a 100644
--- a/.env.example
+++ b/.env.example
@@ -6,6 +6,9 @@ OPNSENSE_HOST=https://your-opnsense.local
 # Optional
 OUTPUT_DIRECTORY=./certs
+# Optional: disable SSL verification for self-signed certificates
+# VERIFY_SSL=false
+
 # Optional: file permissions (Linux only)
 # FILE_OWNER=root
 # FILE_GROUP=root
diff --git a/README.md b/README.md
index 6976b79..b9d4e1b 100644
--- a/README.md
+++ b/README.md
@@ -68,6 +68,9 @@ OPNSENSE_HOST=https://your-opnsense.local
 # Optional
 OUTPUT_DIRECTORY=./certs
+# Optional: disable SSL verification for self-signed certificates
+# VERIFY_SSL=false
+
 # Optional: file permissions (Linux only)
 # FILE_OWNER=root
 # FILE_GROUP=root
@@ -82,6 +85,7 @@ OUTPUT_DIRECTORY=./certs
 | `OPNSENSE_API_SECRET` | Yes | OPNsense API secret |
 | `OPNSENSE_HOST` | Yes | OPNsense URL (e.g., `https://192.168.1.1`) |
 | `OUTPUT_DIRECTORY` | No | Directory to save exported certificates (default: `./certs`) |
+| `VERIFY_SSL` | No | Set to `false` to disable SSL verification for self-signed certs (default: `true`) |
 | `FILE_OWNER` | No | Set file owner (Linux only) |
 | `FILE_GROUP` | No | Set file group (Linux only) |
 | `FILE_MODE` | No | Set file permissions in octal (e.g., `0600`) |
diff --git a/main.py b/main.py
index cd2173e..01bc94b 100644
--- a/main.py
+++ b/main.py
@@ -36,6 +36,7 @@ def get_config():
 'api_secret': os.environ['OPNSENSE_API_SECRET'],
 'host': os.environ['OPNSENSE_HOST'],
 'output_directory': os.environ.get('OUTPUT_DIRECTORY', './certs'),
+ 'verify_ssl': os.environ.get('VERIFY_SSL', 'true').lower() != 'false',
 'file_owner': os.environ.get('FILE_OWNER'),
 'file_group': os.environ.get('FILE_GROUP'),
 'file_mode': os.environ.get('FILE_MODE'),
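Review bot: In the `get_config` hunk of main.py, `verify_ssl` can only become `True` or `False`, so the only way to reach an OPNsense host with a self-signed certificate is to switch verification off entirely; the API key and secret then go out over Basic auth to a peer whose identity is never checked. `requests` also accepts a CA bundle path for `verify`, so the setting could take a path and keep verification on against the appliance's own CA. The sketch below keeps `true`/`false` working, treats any other value as a bundle path and fails closed when that file does not exist; a single warning at startup when the result is `False` would make the weakened state visible in scheduled runs. The body of `get_config` starts and ends outside this hunk.

```python
def _parse_verify(value):
    # 'false' disables verification; 'true' (or empty) keeps the default trust store;
    # any other value is taken as the path of a CA bundle to verify against.
    text = value.strip()
    lowered = text.lower()
    if lowered == 'false':
        return False
    if lowered in ('', 'true'):
        return True
    if not os.path.isfile(text):
        raise ValueError(f"VERIFY_SSL is neither true/false nor an existing CA bundle: {text!r}")
    return text

# … unchanged: the other get_config entries …
        'verify_ssl': _parse_verify(os.environ.get('VERIFY_SSL', 'true')),
```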
@@ -45,14 +46,23 @@ def get_config():
 def search_certificates(config, search_phrase):
 url = f"{config['host']}/api/trust/cert/search"
 payload = {"searchPhrase": search_phrase}
- response = requests.post(url, json=payload, auth=HTTPBasicAuth(config['api_key'], config['api_secret']))
+ response = requests.post(
+ url,
+ json=payload,
+ auth=HTTPBasicAuth(config['api_key'], config['api_secret']),
+ verify=config['verify_ssl']
+ )
 response.raise_for_status()
 return response.json().get("rows", [])
 def export_certificate(config, uuid, format):
 url = f"{config['host']}/api/trust/cert/generate_file/{uuid}/{format}"
- response = requests.post(url, auth=HTTPBasicAuth(config['api_key'], config['api_secret']))
+ response = requests.post(
+ url,
+ auth=HTTPBasicAuth(config['api_key'], config['api_secret']),
+ verify=config['verify_ssl']
+ )
 response.raise_for_status()
 return response.json().get("payload")
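Review bot: Both rewritten `requests.post` calls still pass no `timeout=`, so a stalled or unresponsive OPNsense host blocks the export indefinitely; since the call sites are being reshaped anyway, add for example `timeout=30,` next to `verify=config['verify_ssl'],` in `search_certificates` and in `export_certificate`. Building one `requests.Session` with `auth` and `verify` set once would also keep the two call sites from drifting apart if another endpoint is added later. When verification is off, urllib3 emits an `InsecureRequestWarning` on each request; leave that warning unsuppressed so the weakened setting stays visible in the output.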