diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml
index 46fa15da86..72ea9d41ae 100644
--- a/.github/workflows/test-suite.yml
+++ b/.github/workflows/test-suite.yml
@@ -319,6 +319,8 @@ jobs:
           bins: cargo-audit,cargo-deny
     - name: Check formatting with cargo fmt
       run: make cargo-fmt
+    - name: Check dependencies for unencrypted HTTP links
+      run: make insecure-deps
     - name: Lint code for quality and style with Clippy
       run: make lint-full
     - name: Certify Cargo.lock freshness
diff --git a/Makefile b/Makefile
index 9d08c3ebe1..9e2b1d24c5 100644
--- a/Makefile
+++ b/Makefile
@@ -343,6 +343,12 @@ vendor:
 udeps:
 	cargo +$(PINNED_NIGHTLY) udeps --tests --all-targets --release --features "$(TEST_FEATURES)"
 
+# Checks Cargo.toml files for unencrypted HTTP links
+insecure-deps:
+	@ BAD_LINKS=$$(find . -name Cargo.toml | xargs grep -n "http://" || true); \
+	if [ -z "$$BAD_LINKS" ]; then echo "No insecure HTTP links found"; \
+	else echo "$$BAD_LINKS"; echo "Using plain HTTP in Cargo.toml files is forbidden"; exit 1; fi
+
 # Performs a `cargo` clean and cleans the `ef_tests` directory.
 clean:
 	cargo clean