diff --git a/backend/aci/proxy.py b/backend/aci/proxy.py
index 7b7363b..689ff83 100644
--- a/backend/aci/proxy.py
+++ b/backend/aci/proxy.py
@@ -1,4 +1,6 @@
 import aiohttp
+import certifi
+import ssl
 
 from datetime import datetime
 
@@ -14,7 +16,8 @@ def reformat_reject_date(date: str):
 @router.get('/reject')
 async def reject_proxy(date: str, time: str, activity: str, space: str):
     """We proxy the rejectdopamine API to maintain user pivacy (the extension does not transmit user IP addresses to third-party services)"""
-    async with aiohttp.ClientSession(headers={'User-Agent': 'Mozilla 5.0 (compatible); aci-backend/1.0 (+https://git.ashhhleyyy.dev/ash/aci)'}) as session:
+    ssl_context = ssl.create_default_context(cafile=certifi.where())
+    async with aiohttp.ClientSession(headers={'User-Agent': 'Mozilla 5.0 (compatible); aci-backend/1.0 (+https://git.ashhhleyyy.dev/ash/aci)'}, connector=aiohttp.TCPConnector(ssl=ssl_context)) as session:
         async with session.get('https://rejectdopamine.com/api/app/active/yrk/cs/1') as resp:
             response = await resp.json()
             activities = []
diff --git a/flake.nix b/flake.nix
index 11c86d8..230dd8b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -20,6 +20,7 @@
           fastapi
           uvicorn
           aiohttp
+          certifi
           python-lsp-server
         ];
         version = self.shortRev or self.dirtyShortDev or "dirty-inputs";