diff --git a/cmd/helm/root.go b/cmd/helm/root.go
index ef92fea92..bfe8c21e2 100644
--- a/cmd/helm/root.go
+++ b/cmd/helm/root.go
@@ -152,12 +152,16 @@ func newRootCmd(actionConfig *action.Configuration, out io.Writer, args []string
 	flags.ParseErrorsWhitelist.UnknownFlags = true
 	flags.Parse(args)
 
-	registryClient, err := registry.NewClient(
+	clientOptions := []registry.ClientOption{
 		registry.ClientOptDebug(settings.Debug),
 		registry.ClientOptEnableCache(true),
 		registry.ClientOptWriter(out),
 		registry.ClientOptCredentialsFile(settings.RegistryConfig),
-	)
+	}
+	if settings.RegistryInsecure {
+		clientOptions = append(clientOptions, registry.ClientPlainHTTP())
+	}
+	registryClient, err := registry.NewClient(clientOptions...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/cli/environment.go b/pkg/cli/environment.go
index ac3093629..5b1d05320 100644
--- a/pkg/cli/environment.go
+++ b/pkg/cli/environment.go
@@ -80,6 +80,8 @@ type EnvSettings struct {
 	MaxHistory int
 	// BurstLimit is the default client-side throttling limit.
 	BurstLimit int
+	// RegistryInsecure is set transport data to registry use http transport schema
+	RegistryInsecure bool
 }
 
 func New() *EnvSettings {
@@ -99,6 +101,7 @@ func New() *EnvSettings {
 		RepositoryConfig:          envOr("HELM_REPOSITORY_CONFIG", helmpath.ConfigPath("repositories.yaml")),
 		RepositoryCache:           envOr("HELM_REPOSITORY_CACHE", helmpath.CachePath("repository")),
 		BurstLimit:                envIntOr("HELM_BURST_LIMIT", defaultBurstLimit),
+		RegistryInsecure:          envBoolOr("HELM_REGISTRY_INSECURE", false),
 	}
 	env.Debug, _ = strconv.ParseBool(os.Getenv("HELM_DEBUG"))
 
@@ -139,6 +142,8 @@ func (s *EnvSettings) AddFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&s.RepositoryConfig, "repository-config", s.RepositoryConfig, "path to the file containing repository names and URLs")
 	fs.StringVar(&s.RepositoryCache, "repository-cache", s.RepositoryCache, "path to the file containing cached repository indexes")
 	fs.IntVar(&s.BurstLimit, "burst-limit", s.BurstLimit, "client-side default throttling limit")
+	fs.BoolVar(&s.RegistryInsecure, "registry-insecure", false, "set registry is insecure mode, use http transport data")
+
 }
 
 func envOr(name, def string) string {
diff --git a/pkg/registry/client.go b/pkg/registry/client.go
index c1004f956..df3986871 100644
--- a/pkg/registry/client.go
+++ b/pkg/registry/client.go
@@ -61,6 +61,7 @@ type (
 		authorizer         auth.Client
 		registryAuthorizer *registryauth.Client
 		resolver           remotes.Resolver
+		PlainHTTP          bool
 	}
 
 	// ClientOption allows specifying various settings configurable by the user for overriding the defaults
@@ -90,6 +91,9 @@ func NewClient(options ...ClientOption) (*Client, error) {
 		headers := http.Header{}
 		headers.Set("User-Agent", version.GetUserAgent())
 		opts := []auth.ResolverOption{auth.WithResolverHeaders(headers)}
+		if client.PlainHTTP {
+			opts = append(opts, auth.WithResolverPlainHTTP())
+		}
 		resolver, err := client.authorizer.ResolverWithOpts(opts...)
 		if err != nil {
 			return nil, err
@@ -166,6 +170,13 @@ func ClientOptCredentialsFile(credentialsFile string) ClientOption {
 	}
 }
 
+// ClientPlainHTTP returns a function that sets the PlainHTTP setting to true on resolver. use http schema transport data
+func ClientPlainHTTP() ClientOption {
+	return func(client *Client) {
+		client.PlainHTTP = true
+	}
+}
+
 type (
 	// LoginOption allows specifying various settings on login
 	LoginOption func(*loginOperation)