diff --git a/config.example.yaml b/config.example.yaml
index b489b97e..16614111 100644
--- a/config.example.yaml
+++ b/config.example.yaml
@@ -72,3 +72,6 @@ clair:
       cafile:
       keyfile:
       certfile:
+
+      # Optional HTTP Proxy: must be a valid URL (including the scheme).
+      proxy:
diff --git a/notifier/notifiers/webhook.go b/notifier/notifiers/webhook.go
index 9fa1c655..e284c947 100644
--- a/notifier/notifiers/webhook.go
+++ b/notifier/notifiers/webhook.go
@@ -49,6 +49,7 @@ type WebhookNotifierConfiguration struct {
 	CertFile   string
 	KeyFile    string
 	CAFile     string
+	Proxy      string
 }
 
 func init() {
@@ -78,22 +79,32 @@ func (h *WebhookNotifier) Configure(config *config.NotifierConfig) (bool, error)
 		return false, nil
 	}
 	if _, err := url.Parse(httpConfig.Endpoint); err != nil {
-		return false, errors.New("invalid endpoint URL")
+		return false, fmt.Errorf("could not parse endpoint URL: %s\n", err)
 	}
 	h.endpoint = httpConfig.Endpoint
 
+	// Setup HTTP client.
+	transport := &http.Transport{}
+	h.client = &http.Client{
+		Transport: transport,
+		Timeout:   timeout,
+	}
+
 	// Initialize TLS.
-	tlsConfig, err := loadTLSClientConfig(&httpConfig)
+	transport.TLSClientConfig, err = loadTLSClientConfig(&httpConfig)
 	if err != nil {
 		return false, fmt.Errorf("could not initialize client cert auth: %s\n", err)
 	}
 
-	h.client = &http.Client{
-		Transport: &http.Transport{
-			TLSClientConfig: tlsConfig,
-		},
-		Timeout: timeout,
+	// Set proxy.
+	if httpConfig.Proxy != "" {
+		proxyURL, err := url.ParseRequestURI(httpConfig.Proxy)
+		if err != nil {
+			return false, fmt.Errorf("could not parse proxy URL: %s\n", err)
+		}
+		transport.Proxy = http.ProxyURL(proxyURL)
 	}
+
 	return true, nil
 }