diff --git a/deadlock-plugins/deadlock-extension/src/config.prod.ts b/deadlock-plugins/deadlock-extension/src/config.prod.ts
index 80c3d02a4657f8ae232f5ce39fe43447cad805d2..46ee6889446bcf153f9619125c3ab2bd4d753d65 100644
--- a/deadlock-plugins/deadlock-extension/src/config.prod.ts
+++ b/deadlock-plugins/deadlock-extension/src/config.prod.ts
@@ -2,3 +2,4 @@ export const KEYCLOAK_DEVICE_AUTH_URL =
   'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/auth/device';
 export const KEYCLOAK_TOKEN_CREATE_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token';
 export const KEYCLOAK_USER_INFO_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo';
+export const REJECT_UNAUTHORIZED = true;
diff --git a/deadlock-plugins/deadlock-extension/src/config.staging.ts b/deadlock-plugins/deadlock-extension/src/config.staging.ts
index 757b1b4dfe1e2593f8215cff490499b5000e601d..e8ddb5e90e01601adc2b4f79ee07d241551c535b 100644
--- a/deadlock-plugins/deadlock-extension/src/config.staging.ts
+++ b/deadlock-plugins/deadlock-extension/src/config.staging.ts
@@ -4,3 +4,4 @@ export const KEYCLOAK_TOKEN_CREATE_URL =
   'https://auth.staging.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token';
 export const KEYCLOAK_USER_INFO_URL =
   'https://auth.staging.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo';
+export const REJECT_UNAUTHORIZED = true;
diff --git a/deadlock-plugins/deadlock-extension/src/config.ts b/deadlock-plugins/deadlock-extension/src/config.ts
index 4ea235cfab69d493e8eff3d659173a2972fead3f..a53b3ab5bba69c5e9d7ed0ef82f7662a8227933f 100644
--- a/deadlock-plugins/deadlock-extension/src/config.ts
+++ b/deadlock-plugins/deadlock-extension/src/config.ts
@@ -4,3 +4,4 @@ export const KEYCLOAK_TOKEN_CREATE_URL =
   'https://auth.dev.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token';
 export const KEYCLOAK_USER_INFO_URL =
   'https://auth.dev.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo';
+export const REJECT_UNAUTHORIZED = false;
diff --git a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
index 07eba23c438eb6d8de86d7e56404773cb151f508..c57b5b05ed9972c88095a198700d5612e4e81f6a 100644
--- a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
+++ b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
@@ -3,8 +3,9 @@ import fetch, { Response } from 'node-fetch';
 import { HttpStatusCode } from '../customTypings/HttpStatusCode';
 import { TokenFetchErrorCode } from '../customTypings/KeycloakAPITypes';
 import { error as err, log } from '../recorder/utils';
+import { REJECT_UNAUTHORIZED } from '../config';
 
-process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0'; // TODO: remove when SSL will work
+process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = REJECT_UNAUTHORIZED ? '1' : '0'; // TODO: remove when SSL will work
 
 export default class KeycloakOAuth2DeviceFlowConnection {
   private waitDuration: WaitDuration;
@@ -39,7 +40,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
         Authorization: `Bearer ${accessToken}`,
       },
       body: '',
-      agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work
+      agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work
     });
     const tokenValidationRequestResponseCode = tokenValidationRequestResponse.status;
     switch (tokenValidationRequestResponseCode) {
@@ -126,7 +127,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
         'Content-Type': 'application/x-www-form-urlencoded',
       },
       body: body,
-      agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work
+      agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work
     });
   }
 
@@ -146,7 +147,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
           'Content-Type': 'application/x-www-form-urlencoded',
         },
         body: body,
-        agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work
+        agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work
       });
       userAuthenticationRequestResponseCode = userAuthenticationRequestResponse.status;
       switch (userAuthenticationRequestResponseCode) {