diff --git a/pkg/operator/ceph/object/health.go b/pkg/operator/ceph/object/health.go
index 00f36dea8be4..957d873ebd6a 100644
--- a/pkg/operator/ceph/object/health.go
+++ b/pkg/operator/ceph/object/health.go
@@ -18,7 +18,9 @@ package object
 import (
 "context"
+ "crypto/tls"
 "fmt"
+ "net/http"
 "time"
 "github.com/ceph/go-ceph/rgw/admin"
@@ -170,6 +172,11 @@ func (c *bucketChecker) checkObjectStoreHealth() error {
 if err != nil {
 return errors.Wrap(err, "failed to initialize s3 connection")
 }
+ // Force the s3 client to use insecure TLS connection
+ s3client.Client.Config.HTTPClient.Transport = &http.Transport{
+ // #nosec G402 is enabled only for testing
+ TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+ }
 // Force purge the s3 object before starting anything
 cleanupObjectHealthCheck(s3client, c.objContext.UID)
diff --git a/pkg/operator/ceph/object/s3-handlers.go b/pkg/operator/ceph/object/s3-handlers.go
index 98701f7340fa..cc8a07b8ec92 100644
--- a/pkg/operator/ceph/object/s3-handlers.go
+++ b/pkg/operator/ceph/object/s3-handlers.go
@@ -207,6 +207,6 @@ func BuildTransportTLS(tlsCert []byte) *http.Transport {
 caCertPool.AppendCertsFromPEM(tlsCert)
 return &http.Transport{
- TLSClientConfig: &tls.Config{RootCAs: caCertPool, MinVersion: tls.VersionTLS12},
+ TLSClientConfig: &tls.Config{RootCAs: caCertPool, MinVersion: tls.VersionTLS12, InsecureSkipVerify: true},
 }
 }
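Review bot: Certificate verification is switched off unconditionally in the operator's normal code path: the block added to `checkObjectStoreHealth` replaces the S3 client's transport with `InsecureSkipVerify: true`, and the `BuildTransportTLS` hunk in s3-handlers.go sets the same flag next to `RootCAs`, which leaves the CA pool built from `tlsCert` without effect. The comment `#nosec G402 is enabled only for testing` does not match the code, since nothing visible in either hunk ties the flag to a test build or a test-only setting, so any certificate the endpoint presents is accepted and a man-in-the-middle on the path to the object store would go unnoticed. Assigning a bare `&http.Transport{...}` also discards whatever transport the client carried before, and the new `tls.Config` in health.go drops the `MinVersion: tls.VersionTLS12` floor that `BuildTransportTLS` keeps. I would remove the override in `checkObjectStoreHealth` and keep `&tls.Config{RootCAs: caCertPool, MinVersion: tls.VersionTLS12}` in `BuildTransportTLS`; if skipping verification is really required, gate it on an explicit opt-in, e.g. `InsecureSkipVerify: skipVerify`, where `skipVerify` is a placeholder for a setting the caller passes in. Both function bodies start outside their hunks.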