diff --git a/pkg/mounter/geesefs.go b/pkg/mounter/geesefs.go
index 04a467b..6b786ca 100644
--- a/pkg/mounter/geesefs.go
+++ b/pkg/mounter/geesefs.go
@@ -24,6 +24,7 @@ type geesefsMounter struct {
 	region          string
 	accessKeyID     string
 	secretAccessKey string
+	insecure        bool
 }
 
 func newGeeseFSMounter(meta *s3.FSMeta, cfg *s3.Config) (Mounter, error) {
@@ -33,6 +34,7 @@ func newGeeseFSMounter(meta *s3.FSMeta, cfg *s3.Config) (Mounter, error) {
 		region:          cfg.Region,
 		accessKeyID:     cfg.AccessKeyID,
 		secretAccessKey: cfg.SecretAccessKey,
+		insecure:        cfg.Insecure,
 	}, nil
 }
 
@@ -94,6 +96,9 @@ func (geesefs *geesefsMounter) Mount(target, volumeID string) error {
 	if geesefs.region != "" {
 		args = append(args, "--region", geesefs.region)
 	}
+	if geesefs.insecure {
+		args = append(args, "--no-verify-ssl")
+	}
 	args = append(
 		args,
 		"--setuid", "65534", // nobody. drop root privileges
diff --git a/pkg/mounter/rclone.go b/pkg/mounter/rclone.go
index fd30c99..9507f8d 100644
--- a/pkg/mounter/rclone.go
+++ b/pkg/mounter/rclone.go
@@ -14,6 +14,7 @@ type rcloneMounter struct {
 	region          string
 	accessKeyID     string
 	secretAccessKey string
+	insecure        bool
 }
 
 const (
@@ -27,6 +28,7 @@ func newRcloneMounter(meta *s3.FSMeta, cfg *s3.Config) (Mounter, error) {
 		region:          cfg.Region,
 		accessKeyID:     cfg.AccessKeyID,
 		secretAccessKey: cfg.SecretAccessKey,
+		insecure:        cfg.Insecure,
 	}, nil
 }
 
@@ -45,6 +47,9 @@ func (rclone *rcloneMounter) Mount(target, volumeID string) error {
 	if rclone.region != "" {
 		args = append(args, fmt.Sprintf("--s3-region=%s", rclone.region))
 	}
+	if rclone.insecure {
+		args = append(args, "--no-check-certificate")
+	}
 	args = append(args, rclone.meta.MountOptions...)
 	envs := []string{
 		"AWS_ACCESS_KEY_ID=" + rclone.accessKeyID,
diff --git a/pkg/mounter/s3fs.go b/pkg/mounter/s3fs.go
index 3cc4df0..bebfc49 100644
--- a/pkg/mounter/s3fs.go
+++ b/pkg/mounter/s3fs.go
@@ -13,6 +13,7 @@ type s3fsMounter struct {
 	url           string
 	region        string
 	pwFileContent string
+	insecure      bool
 }
 
 const (
@@ -25,6 +26,7 @@ func newS3fsMounter(meta *s3.FSMeta, cfg *s3.Config) (Mounter, error) {
 		url:           cfg.Endpoint,
 		region:        cfg.Region,
 		pwFileContent: cfg.AccessKeyID + ":" + cfg.SecretAccessKey,
+		insecure:      cfg.Insecure,
 	}, nil
 }
 
@@ -43,6 +45,9 @@ func (s3fs *s3fsMounter) Mount(target, volumeID string) error {
 	if s3fs.region != "" {
 		args = append(args, "-o", fmt.Sprintf("endpoint=%s", s3fs.region))
 	}
+	if s3fs.insecure {
+		args = append(args, "-o", "no_check_certificate")
+	}
 	args = append(args, s3fs.meta.MountOptions...)
 	return fuseMount(target, s3fsCmd, args, nil)
 }