diff --git a/changelogs/fragments/10753-ipa-validate.yml b/changelogs/fragments/10753-ipa-validate.yml
new file mode 100644
index 00000000000..e929939e890
--- /dev/null
+++ b/changelogs/fragments/10753-ipa-validate.yml
@@ -0,0 +1,2 @@
+minor_changes:
+  - ipa_* modules - support environment fallback for ``validate_certs`` parameter (https://github.com/ansible-collections/community.general/pull/10753).
\ No newline at end of file
diff --git a/plugins/doc_fragments/ipa.py b/plugins/doc_fragments/ipa.py
index 665a8171a9c..3e75157346d 100644
--- a/plugins/doc_fragments/ipa.py
+++ b/plugins/doc_fragments/ipa.py
@@ -62,6 +62,8 @@ class ModuleDocFragment(object):
       - This only applies if O(ipa_prot) is V(https).
       - If set to V(false), the SSL certificates are not validated.
       - This should only set to V(false) used on personally controlled sites using self-signed certificates.
+      - If the value is not specified in the task, the value of environment variable E(IPA_VALIDATE_CERTS) is used instead.
+        If both the environment variable E(IPA_VALIDATE_CERTS) and the value are not specified in the task, then default value is used.
     type: bool
     default: true
   ipa_timeout:
diff --git a/plugins/module_utils/ipa.py b/plugins/module_utils/ipa.py
index fb63d5556be..5377036cf61 100644
--- a/plugins/module_utils/ipa.py
+++ b/plugins/module_utils/ipa.py
@@ -211,5 +211,5 @@ def ipa_argument_spec():
         ipa_user=dict(type='str', default='admin', fallback=(env_fallback, ['IPA_USER'])),
         ipa_pass=dict(type='str', no_log=True, fallback=(env_fallback, ['IPA_PASS'])),
         ipa_timeout=dict(type='int', default=10, fallback=(env_fallback, ['IPA_TIMEOUT'])),
-        validate_certs=dict(type='bool', default=True),
+        validate_certs=dict(type='bool', default=True, fallback=(env_fallback, ['IPA_VALIDATE_CERTS'])),
     )