diff --git a/CHANGELOG.md b/CHANGELOG.md
index 83f7967a..85997d33 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 - Updated mkdocs/ sfeos doucmentation page [#386](https://github.com/stac-utils/stac-fastapi-elasticsearch-opensearch/pull/386)
 
+### Fixed
+
+- Added the ability to authenticate with OpenSearch/ElasticSearch with SSL disabled [#388](https://github.com/stac-utils/stac-fastapi-elasticsearch-opensearch/pull/388)
+
 ## [v5.0.0a0] - 2025-05-29
 
 ### Added
diff --git a/stac_fastapi/elasticsearch/stac_fastapi/elasticsearch/config.py b/stac_fastapi/elasticsearch/stac_fastapi/elasticsearch/config.py
index d371c6a5..49495854 100644
--- a/stac_fastapi/elasticsearch/stac_fastapi/elasticsearch/config.py
+++ b/stac_fastapi/elasticsearch/stac_fastapi/elasticsearch/config.py
@@ -52,6 +52,10 @@ def _es_config() -> Dict[str, Any]:
     if http_compress:
         config["http_compress"] = True
 
+    # Handle authentication
+    if (u := os.getenv("ES_USER")) and (p := os.getenv("ES_PASS")):
+        config["http_auth"] = (u, p)
+
     # Explicitly exclude SSL settings when not using SSL
     if not use_ssl:
         return config
@@ -64,10 +68,6 @@ def _es_config() -> Dict[str, Any]:
     if config["verify_certs"]:
         config["ca_certs"] = os.getenv("CURL_CA_BUNDLE", certifi.where())
 
-    # Handle authentication
-    if (u := os.getenv("ES_USER")) and (p := os.getenv("ES_PASS")):
-        config["http_auth"] = (u, p)
-
     return config
 
 
diff --git a/stac_fastapi/opensearch/stac_fastapi/opensearch/config.py b/stac_fastapi/opensearch/stac_fastapi/opensearch/config.py
index d3811376..3fe4d71b 100644
--- a/stac_fastapi/opensearch/stac_fastapi/opensearch/config.py
+++ b/stac_fastapi/opensearch/stac_fastapi/opensearch/config.py
@@ -40,18 +40,6 @@ def _es_config() -> Dict[str, Any]:
     if http_compress:
         config["http_compress"] = True
 
-    # Explicitly exclude SSL settings when not using SSL
-    if not use_ssl:
-        return config
-
-    # Include SSL settings if using https
-    config["ssl_version"] = ssl.PROTOCOL_SSLv23
-    config["verify_certs"] = get_bool_env("ES_VERIFY_CERTS", default=True)
-
-    # Include CA Certificates if verifying certs
-    if config["verify_certs"]:
-        config["ca_certs"] = os.getenv("CURL_CA_BUNDLE", certifi.where())
-
     # Handle authentication
     if (u := os.getenv("ES_USER")) and (p := os.getenv("ES_PASS")):
         config["http_auth"] = (u, p)
@@ -65,6 +53,18 @@ def _es_config() -> Dict[str, Any]:
 
         config["headers"] = headers
 
+    # Explicitly exclude SSL settings when not using SSL
+    if not use_ssl:
+        return config
+
+    # Include SSL settings if using https
+    config["ssl_version"] = ssl.PROTOCOL_SSLv23
+    config["verify_certs"] = get_bool_env("ES_VERIFY_CERTS", default=True)
+
+    # Include CA Certificates if verifying certs
+    if config["verify_certs"]:
+        config["ca_certs"] = os.getenv("CURL_CA_BUNDLE", certifi.where())
+
     return config