Unknown authority when using IdentityFile

In my test setup, I don’t have a TLS certificate. The regular way of using tsh login --proxy=proxy-server --insecure --user=user and then tsh ssh user@target works just fine.

However, after a tsh logout when I export the identity file with tsh login --proxy=proxy-server --insecure --user=user --out=user and the try to use tsh ssh -i user --proxy=proxy-server user@target Teleport throws an error: Get https://proxy-server:3080/v1/webapi/ping: x509: certificate signed by unknown authority

Also tsh -i user status --proxy=proxy-server has no output.

Is it necessary to have a TLS certificate specified for using an identity file?

My goal is to have a jump host on which users can use the Teleport services (tsh login, tsh ssh…). But the Teleport credentials should be stored on the user’s machine, not on the jump host. Authentication of the jump host will be done with my own certificate management.

Does tsh ssh --insecure -i user --proxy=proxy-server user@target work?