diff --git a/openshift/backend/Dockerfile b/openshift/backend/Dockerfile
index 3492256f..62ad3efe 100644
--- a/openshift/backend/Dockerfile
+++ b/openshift/backend/Dockerfile
@@ -10,6 +10,7 @@ LABEL \
 # The caller can chose to provide an already built module-build-service RPM.
 ARG mbs_rpm=module-build-service
 ARG mbs_messaging_umb_rpm
+ARG umb_ca_crt
 
 RUN dnf -y install \
             python2-pungi \
@@ -19,6 +20,9 @@ RUN dnf -y install \
             $mbs_messaging_umb_rpm \
     && dnf -y clean all
 
+ADD $umb_ca_crt /etc/pki/ca-trust/source/anchors/umb_serverca.crt
+# Do this as a workaround instead of `update-ca-trust`
+RUN cat /etc/pki/ca-trust/source/anchors/umb_serverca.crt >> /etc/pki/tls/certs/ca-bundle.crt
 
 VOLUME ["/etc/module-build-service", "/etc/fedmsg.d", "/etc/mbs-certs"]
 ENTRYPOINT fedmsg-hub
diff --git a/openshift/mbs-test-template.yaml b/openshift/mbs-test-template.yaml
index 61dfcde1..fbdd70f6 100644
--- a/openshift/mbs-test-template.yaml
+++ b/openshift/mbs-test-template.yaml
@@ -492,6 +492,7 @@ objects:
           'stomp_heartbeat': 5000,
           'stomp_ssl_crt': '/etc/mbs-certs/messaging.crt',
           'stomp_ssl_key': '/etc/mbs-certs/messaging.key',
+          'stomp_ca_certs': None,
           'stomp_ack_mode': 'auto',
       }
     mbs-scheduler.py: |