diff --git a/README.md b/README.md
index 7467f03..e281ff8 100644
--- a/README.md
+++ b/README.md
@@ -86,6 +86,7 @@ The Elasticsearch MCP Server supports configuration options to connect to your E
 | `ES_USERNAME` | Elasticsearch username for basic authentication | No |
 | `ES_PASSWORD` | Elasticsearch password for basic authentication | No |
 | `ES_CA_CERT` | Path to custom CA certificate for Elasticsearch SSL/TLS | No |
+| `ES_SSL_SKIP_VERIFY` | Set to '1' or 'true' to skip SSL certificate verification | No |
 | `ES_PATH_PREFIX` | Path prefix for Elasticsearch instance exposed at a non-root path | No |
 | `ES_VERSION` | Server assumes Elasticsearch 9.x. Set to `8` target Elasticsearch 8.x | No |
diff --git a/index.ts b/index.ts
index 92cc024..1cf16a3 100644
--- a/index.ts
+++ b/index.ts
@@ -86,8 +86,14 @@ const ConfigSchema = z
 version: z
 .string()
 .optional()
- .transform((val) => (['8', '9'].includes(val ?? '') ? val : '9'))
- .describe('Elasticsearch version (8, or 9)')
+ .transform((val) => (['8', '9'].includes(val || '') ? val : '9'))
+ .describe('Elasticsearch version (8, or 9)'),
+
+ sslSkipVerify: z
+ .boolean()
+ .optional()
+ .describe('Skip SSL certificate verification'),
+
 })
 .refine(
 (data) => {
@@ -113,8 +119,7 @@ type ElasticsearchConfig = z.infer
 export async function createElasticsearchMcpServer (config: ElasticsearchConfig): Promise {
 const validatedConfig = ConfigSchema.parse(config)
- const { url, apiKey, username, password, caCert, version, pathPrefix } =
- validatedConfig
+ const { url, apiKey, username, password, caCert, version, pathPrefix, sslSkipVerify } = validatedConfig
 const clientOptions: ClientOptions = {
 node: url,
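Review bot: The `version` transform in the `ConfigSchema` hunk switches `val ?? ''` to `val || ''`, which is unrelated to the TLS option and gives the same result for a string input; keeping `??` would leave this security-relevant change free of incidental edits. The new `sslSkipVerify` description would serve operators better if it stated the consequence, for example `.describe('Disable TLS certificate verification (insecure: the server identity is not checked)')`. The schema object starts and ends outside the hunk.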
@@ -140,10 +145,11 @@ export async function createElasticsearchMcpServer (config: ElasticsearchConfig)
 }
 // Set up SSL/TLS certificate if provided
+ clientOptions.tls = {}
 if (caCert != null) {
 try {
 const ca = fs.readFileSync(caCert)
- clientOptions.tls = { ca }
+ clientOptions.tls.ca = ca
 } catch (error) {
 console.error(
 `Failed to read certificate file: ${
@@ -163,6 +169,11 @@ export async function createElasticsearchMcpServer (config: ElasticsearchConfig)
 }
 }
+ // Skip verification if requested
+ if (sslSkipVerify != null && sslSkipVerify === true) {
+ clientOptions.tls.rejectUnauthorized = false
+ }
+
 const esClient = new Client(clientOptions)
 const server = new McpServer(product)
@@ -486,6 +497,7 @@ const config: ElasticsearchConfig = {
 password: process.env.ES_PASSWORD ?? '',
 caCert: process.env.ES_CA_CERT ?? '',
 version: process.env.ES_VERSION ?? '',
+ sslSkipVerify: process.env.ES_SSL_SKIP_VERIFY === '1' || process.env.ES_SSL_SKIP_VERIFY === 'true',
 pathPrefix: process.env.ES_PATH_PREFIX ?? ''
 }
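Review bot: Nothing is logged when `rejectUnauthorized` is set to `false`, so a deployment left with `ES_SSL_SKIP_VERIFY` enabled gives no sign that the Elasticsearch endpoint is no longer authenticated, while the `apiKey` or `username`/`password` destructured earlier in this function presumably still travel over that connection. I would emit a warning on the same channel the certificate-read error uses, e.g. `console.error('TLS certificate verification is disabled (sslSkipVerify); the Elasticsearch server identity is not checked')`, and simplify the guard to `if (sslSkipVerify === true) {`, since the `!= null` test is redundant. When `caCert` is also set, the CA is loaded in the previous hunk but is not enforced once verification is off; warning on or rejecting that combination would make the misconfiguration visible. The function body starts and ends outside the hunk.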
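Review bot: The comparison added to the `config` object accepts only the exact strings `'1'` and `'true'`, so values such as `TRUE` or `yes` leave verification on without any message. Failing closed is the right default, but a short comment would stop a later cleanup from loosening it into a truthiness check, under which `ES_SSL_SKIP_VERIFY=false` or `=0` would disable verification: `// Strict match on purpose: any other value keeps certificate verification enabled`. The object literal starts outside the hunk.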