diff --git a/CHANGELOG.md b/CHANGELOG.md
index 69dc8f4c..87b545c5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,8 +14,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   documentation][setref] for more information.
 - Trash git repository URL can be overridden in settings.
 - Schema added for `settings.yml`.
+- Add setting to bypass HTTPS certificate validation (useful for self-signed certificates used with
+  Sonarr and Radarr instances) ([#20]).
 
 [setref]: https://github.com/rcdailey/trash-updater/wiki/Settings-Reference
+[#20]: https://github.com/rcdailey/trash-updater/issues/20
 
 ### Fixed
 
diff --git a/src/Common/Common.csproj b/src/Common/Common.csproj
index 25cebc40..f64ab181 100644
--- a/src/Common/Common.csproj
+++ b/src/Common/Common.csproj
@@ -2,6 +2,7 @@
   <ItemGroup>
     <PackageReference Include="Autofac" />
     <PackageReference Include="FluentValidation" />
+    <PackageReference Include="Flurl.Http" />
     <PackageReference Include="Newtonsoft.Json" />
     <PackageReference Include="Serilog" />
     <PackageReference Include="System.Reactive" />
diff --git a/src/Common/Networking/UntrustedCertClientFactory.cs b/src/Common/Networking/UntrustedCertClientFactory.cs
new file mode 100644
index 00000000..cfea8235
--- /dev/null
+++ b/src/Common/Networking/UntrustedCertClientFactory.cs
@@ -0,0 +1,15 @@
+using System.Net.Http;
+using Flurl.Http.Configuration;
+
+namespace Common.Networking;
+
+public class UntrustedCertClientFactory : DefaultHttpClientFactory
+{
+    public override HttpMessageHandler CreateMessageHandler()
+    {
+        return new HttpClientHandler
+        {
+            ServerCertificateCustomValidationCallback = (_, _, _, _) => true
+        };
+    }
+}
diff --git a/src/Trash/Command/ServiceCommand.cs b/src/Trash/Command/ServiceCommand.cs
index fea39d6d..53f3a529 100644
--- a/src/Trash/Command/ServiceCommand.cs
+++ b/src/Trash/Command/ServiceCommand.cs
@@ -5,6 +5,7 @@ using CliFx;
 using CliFx.Attributes;
 using CliFx.Exceptions;
 using CliFx.Infrastructure;
+using Common.Networking;
 using Flurl.Http;
 using Flurl.Http.Configuration;
 using JetBrains.Annotations;
@@ -120,6 +121,8 @@ public abstract class ServiceCommand : ICommand, IServiceCommand
 
             settings.JsonSerializer = new NewtonsoftJsonSerializer(jsonSettings);
             FlurlLogging.SetupLogging(settings, _log);
+
+            settings.HttpClientFactory = new UntrustedCertClientFactory();
         });
     }
 
diff --git a/src/TrashLib/Config/Settings/SettingsValues.cs b/src/TrashLib/Config/Settings/SettingsValues.cs
index 7f1bef5d..66dab0c0 100644
--- a/src/TrashLib/Config/Settings/SettingsValues.cs
+++ b/src/TrashLib/Config/Settings/SettingsValues.cs
@@ -8,4 +8,5 @@ public record TrashRepository
 public record SettingsValues
 {
     public TrashRepository Repository { get; init; } = new();
+    public bool EnableSslCertificateValidation { get; init; } = true;
 }
diff --git a/wiki/Settings-Reference.md b/wiki/Settings-Reference.md
index 926dfd2f..9fddf0a8 100644
--- a/wiki/Settings-Reference.md
+++ b/wiki/Settings-Reference.md
@@ -38,6 +38,18 @@ Table of Contents
 
 - [Repository Settings](#repository-settings)
 
+## Global Settings
+
+```yml
+enable_ssl_certificate_validation: true
+```
+
+- `enable_ssl_certificate_validation`<br>
+  If set to `false`, SSL certificates are not validated. This is useful if you are connecting to a
+  Sonarr or Radarr instance using `https` and it is set up with self-signed certificates. Note that
+  disabling this setting is a **security risk** and should be avoided unless you are absolutely sure
+  what you are doing.
+
 ## Repository Settings
 
 ```yml