diff --git a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java
index b4ebe50c3fa29..35ad4f4ba25d2 100644
--- a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java
+++ b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java
@@ -22,6 +22,10 @@ public static WebClient createHttpClient(Vertx vertx, VaultBootstrapConfig vault
                 .setConnectTimeout((int) vaultBootstrapConfig.connectTimeout.toMillis())
                 .setIdleTimeout((int) vaultBootstrapConfig.readTimeout.getSeconds());
 
+        if (vaultBootstrapConfig.nonProxyHosts.isPresent()) {
+            options.setNonProxyHosts(vaultBootstrapConfig.nonProxyHosts.get());
+        }
+
         boolean trustAll = vaultBootstrapConfig.tls.skipVerify.orElseGet(() -> tlsConfig.trustAll);
         if (trustAll) {
             skipVerify(options);
diff --git a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java
index 5f82842529cff..561d38880d953 100644
--- a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java
+++ b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java
@@ -210,6 +210,17 @@ public class VaultBootstrapConfig {
     @ConfigItem(defaultValue = DEFAULT_READ_TIMEOUT)
     public Duration readTimeout;
 
+    /**
+     * List of remote hosts that are not proxied when the client is configured to use a proxy. This
+     * list serves the same purpose as the JVM {@code nonProxyHosts} configuration.
+     *
+     * <p>
+     * Entries can use the <i>*</i> wildcard character for pattern matching, e.g <i>*.example.com</i> matches
+     * <i>www.example.com</i>.
+     */
+    @ConfigItem
+    public Optional<List<String>> nonProxyHosts;
+
     /**
      * List of named credentials providers, such as: `quarkus.vault.credentials-provider.foo.kv-path=mypath`
      * <p>
diff --git a/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultAuthManagerTest.java b/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultAuthManagerTest.java
index 24e9dd84173de..fd9302df8368d 100644
--- a/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultAuthManagerTest.java
+++ b/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultAuthManagerTest.java
@@ -125,6 +125,7 @@ private VaultBootstrapConfig createConfig() {
             config.authentication.userpass.passwordWrappingToken = Optional.empty();
             config.connectTimeout = Duration.ofSeconds(1);
             config.readTimeout = Duration.ofSeconds(1);
+            config.nonProxyHosts = Optional.empty();
             config.tls.skipVerify = Optional.of(true);
             config.logConfidentialityLevel = LogConfidentialityLevel.LOW;
             config.renewGracePeriod = Duration.ofSeconds(3);
diff --git a/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultDbManagerTest.java b/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultDbManagerTest.java
index 3437587327e03..76fde7c66d141 100644
--- a/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultDbManagerTest.java
+++ b/extensions/vault/runtime/src/test/java/io/quarkus/vault/runtime/VaultDbManagerTest.java
@@ -135,6 +135,7 @@ private VaultBootstrapConfig createConfig() {
             config.authentication.userpass.passwordWrappingToken = Optional.empty();
             config.connectTimeout = Duration.ofSeconds(1);
             config.readTimeout = Duration.ofSeconds(1);
+            config.nonProxyHosts = Optional.empty();
             config.tls.skipVerify = Optional.of(true);
             config.logConfidentialityLevel = LogConfidentialityLevel.LOW;
             config.renewGracePeriod = Duration.ofSeconds(3);
diff --git a/test-framework/vault/src/main/java/io/quarkus/vault/test/VaultTestExtension.java b/test-framework/vault/src/main/java/io/quarkus/vault/test/VaultTestExtension.java
index 33b33f608efc2..3d496359b764f 100644
--- a/test-framework/vault/src/main/java/io/quarkus/vault/test/VaultTestExtension.java
+++ b/test-framework/vault/src/main/java/io/quarkus/vault/test/VaultTestExtension.java
@@ -178,6 +178,7 @@ private TestVaultClient createVaultClient() {
         vaultBootstrapConfig.tls.caCert = Optional.empty();
         vaultBootstrapConfig.connectTimeout = Duration.ofSeconds(5);
         vaultBootstrapConfig.readTimeout = Duration.ofSeconds(1);
+        vaultBootstrapConfig.nonProxyHosts = Optional.empty();
         vaultBootstrapConfig.authentication = new VaultAuthenticationConfig();
         vaultBootstrapConfig.authentication.kubernetes = new VaultKubernetesAuthenticationConfig();
         return new TestVaultClient(new VaultConfigHolder().setVaultBootstrapConfig(vaultBootstrapConfig));