diff --git a/pkg/extensions/sync/sync.go b/pkg/extensions/sync/sync.go
index 178b46eb..6633a7ec 100644
--- a/pkg/extensions/sync/sync.go
+++ b/pkg/extensions/sync/sync.go
@@ -106,6 +106,11 @@ func getUpstreamCatalog(regCfg *RegistryConfig, credentials Credentials, log log
 		client.SetCertificates(cert)
 	}
 
+	// nolint: gosec
+	if regCfg.TLSVerify != nil && !*regCfg.TLSVerify {
+		client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	if credentials.Username != "" && credentials.Password != "" {
 		log.Debug().Msgf("sync: using basic auth")
 		client.SetBasicAuth(credentials.Username, credentials.Password)
diff --git a/pkg/extensions/sync/sync_test.go b/pkg/extensions/sync/sync_test.go
index af8d5df7..96e347d7 100644
--- a/pkg/extensions/sync/sync_test.go
+++ b/pkg/extensions/sync/sync_test.go
@@ -2105,7 +2105,7 @@ func TestSyncInvalidCerts(t *testing.T) {
 		Convey("Test sync on POST request on /sync", func() {
 			resp, _ := resty.R().Post(destBaseURL + "/sync")
 			So(resp, ShouldNotBeNil)
-			So(string(resp.Body()), ShouldContainSubstring, "signed by unknown authority")
+			So(string(resp.Body()), ShouldContainSubstring, "bad certificate")
 			So(resp.StatusCode(), ShouldEqual, 500)
 		})
 	})