diff --git a/src/config.rs b/src/config.rs
index 6af9c26a..8b9cd3d9 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -296,11 +296,6 @@ impl Config {
                         .as_ref()
                         .and(tls_config.pkcs12_password.as_ref())
                         .ok_or_else(|| anyhow!("Missing `pkcs12` or `pkcs12_password`"))?;
-                } else {
-                    tls_config
-                        .trusted_root
-                        .as_ref()
-                        .ok_or_else(|| anyhow!("Missing `trusted_root`"))?;
                 }
                 Ok(())
             }
diff --git a/src/transport/tls.rs b/src/transport/tls.rs
index 80433608..80d0fbd1 100644
--- a/src/transport/tls.rs
+++ b/src/transport/tls.rs
@@ -42,7 +42,11 @@ impl Transport for TlsTransport {
                     .build()?;
                 Some(TlsConnector::from(connector))
             }
-            None => None,
+            None => {
+                // if no trusted_root is specified, allow TlsConnector to use system default
+                let connector = native_tls::TlsConnector::builder().build()?;
+                Some(TlsConnector::from(connector))
+            },
         };
 
         let tls_acceptor = match config.pkcs12.as_ref() {