diff --git a/config.go b/config.go
index 21700586..6d2cb05a 100644
--- a/config.go
+++ b/config.go
@@ -74,6 +74,7 @@ type tlsConfig struct {
 	StatusCertificate string `yaml:"status_cert" json:"status_cert,omitempty"`
 	StatusKey         string `yaml:"status_key" json:"status_key,omitempty"`
 	Warning           string `yaml:"warning" json:"warning,omitempty"`
+	WarningValidation string `yaml:"warning_validation" json:"warning_validation,omitempty"`
 }
 
 // initialize to default values, will be changed later when reading config or parsing command line
diff --git a/control.go b/control.go
index 72996c59..d9c56e5b 100644
--- a/control.go
+++ b/control.go
@@ -1147,8 +1147,8 @@ func validateCertificates(data tlsConfig) (tlsConfig, error) {
 		mainCert := parsedCerts[0]
 		_, err := mainCert.Verify(opts)
 		if err != nil {
-			// TODO: let self-signed certs through
-			return data, errorx.Decorate(err, "Your certificate does not verify")
+			// let self-signed certs through
+			data.WarningValidation = fmt.Sprintf("Your certificate does not verify: %s", err)
 		}
 		// spew.Dump(chains)