diff --git a/roles/rke2/tasks/fix_selinux.yml b/roles/rke2/tasks/fix_selinux.yml
index 5c37bf99cd23f3ffc006ea10b8cd41d2fda4ca15..fbdd3d9369a78bc29d013d4681853e1aa7e9b5d8 100644
--- a/roles/rke2/tasks/fix_selinux.yml
+++ b/roles/rke2/tasks/fix_selinux.yml
@@ -7,6 +7,9 @@
   shell: "setenforce 0 "
   register: selinux_off
 
+- name: Update CA trust
+  shell: update-ca-trust
+
 - name: kill the openstack ccm pods to make sure they boot in permissive mode
   shell: "/var/lib/rancher/rke2/bin/kubectl --kubeconfig /etc/rancher/rke2/rke2.yaml rollout restart -n kube-system ds openstack-cloud-controller-manager "
   register: openstack_ccm_ready