diff --git a/configuration.go b/configuration.go
index 64b5f7da3..406d0f88f 100644
--- a/configuration.go
+++ b/configuration.go
@@ -33,6 +33,7 @@ type GlobalConfiguration struct {
 DefaultEntryPoints DefaultEntryPoints `description:"Entrypoints to be used by frontends that do not specify any entrypoint"`
 ProvidersThrottleDuration time.Duration `description:"Backends throttle duration: minimum duration between 2 events from providers before applying a new configuration. It avoids unnecessary reloads if multiples events are sent in a short amount of time."`
 MaxIdleConnsPerHost int `description:"If non-zero, controls the maximum idle (keep-alive) to keep per-host. If zero, DefaultMaxIdleConnsPerHost is used"`
+ InsecureSkipVerify bool `description:"Disable SSL certificate verification"`
 Retry *Retry `description:"Enable retry sending request if network error"`
 Docker *provider.Docker `description:"Enable Docker backend"`
 File *provider.File `description:"Enable File backend"`
diff --git a/docs/toml.md b/docs/toml.md
index 552365887..b184d5b46 100644
--- a/docs/toml.md
+++ b/docs/toml.md
@@ -46,6 +46,13 @@
 #
 # MaxIdleConnsPerHost = 200
+# If set to true invalid SSL certificates are accepted for backends.
+# Note: This disables detection of man-in-the-middle attacks so should only be used on secure backend networks.
+# Optional
+# Default: false
+#
+# InsecureSkipVerify = true
+
 # Entrypoints to be used by frontends that do not specify any entrypoint.
 # Each frontend can specify its own entrypoints.
 #
diff --git a/traefik.go b/traefik.go
index 8bc01e7bc..be0049e54 100644
--- a/traefik.go
+++ b/traefik.go
@@ -1,6 +1,7 @@
 package main
 import (
+ "crypto/tls"
 "encoding/json"
 "fmt"
 fmtlog "log"
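Review bot: The `description` on the new `InsecureSkipVerify` field in configuration.go, `"Disable SSL certificate verification"`, states neither which connections are affected nor that the setting is unsafe, although this string is presumably what operators see in the generated flag help. Something like `description:"Disable TLS certificate verification for connections to backends (insecure: man-in-the-middle attacks go undetected)"` would match the warning the commit adds to docs/toml.md. The `GlobalConfiguration` struct starts and ends outside this hunk.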
@@ -173,6 +174,9 @@ func run(traefikConfiguration *TraefikConfiguration) {
 globalConfiguration := traefikConfiguration.GlobalConfiguration
 http.DefaultTransport.(*http.Transport).MaxIdleConnsPerHost = globalConfiguration.MaxIdleConnsPerHost
+ if globalConfiguration.InsecureSkipVerify {
+ http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
+ }
 loggerMiddleware := middlewares.NewLogger(globalConfiguration.AccessLogsFile)
 defer loggerMiddleware.Close()
diff --git a/traefik.sample.toml b/traefik.sample.toml
index 266e8c0cb..9d3953142 100644
--- a/traefik.sample.toml
+++ b/traefik.sample.toml
@@ -47,6 +47,13 @@
 #
 # MaxIdleConnsPerHost = 200
+# If set to true invalid SSL certificates are accepted for backends.
+# Note: This disables detection of man-in-the-middle attacks so should only be used on secure backend networks.
+# Optional
+# Default: false
+#
+# InsecureSkipVerify = true
+
 # Entrypoints to be used by frontends that do not specify any entrypoint.
 # Each frontend can specify its own entrypoints.
 #
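Review bot: In traefik.go's `run`, the new `if globalConfiguration.InsecureSkipVerify` block assigns `TLSClientConfig` on `http.DefaultTransport`, which is process-wide, so certificate verification is switched off for every client that uses the default transport and not only for the backend connections the documentation describes. Any provider or other outbound HTTPS call that goes through `http.DefaultClient` would presumably lose verification as well. Consider giving backend forwarding its own `*http.Transport` and leaving the default one untouched, and at minimum make the state visible at startup with something like `fmtlog.Println("WARNING: InsecureSkipVerify is enabled, backend TLS certificates are not verified")`. The assignment also replaces any `TLSClientConfig` already set on the transport instead of amending it. `run` starts before and continues past this hunk.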