diff --git a/sdk/python/feast/cli.py b/sdk/python/feast/cli.py
index cff91e2b0f..30facbf78f 100644
--- a/sdk/python/feast/cli.py
+++ b/sdk/python/feast/cli.py
@@ -1112,14 +1112,13 @@ def serve_registry_command(
     tls_ca_file_path: str,
 ):
     """Start a registry server locally on a given port."""
-    configure_ssl_ca(ca_file_path=tls_ca_file_path)
     if (tls_key_path and not tls_cert_path) or (not tls_key_path and tls_cert_path):
         raise click.BadParameter(
             "Please pass --cert and --key args to start the registry server in TLS mode."
         )
     store = create_feature_store(ctx)
 
-    store.serve_registry(port, tls_key_path, tls_cert_path)
+    store.serve_registry(port, tls_key_path, tls_cert_path, tls_ca_file_path)
 
 
 @cli.command("serve_offline")
diff --git a/sdk/python/feast/feature_store.py b/sdk/python/feast/feature_store.py
index 4497590201..3b73b7b709 100644
--- a/sdk/python/feast/feature_store.py
+++ b/sdk/python/feast/feature_store.py
@@ -1949,13 +1949,21 @@ def serve_ui(
         )
 
     def serve_registry(
-        self, port: int, tls_key_path: str = "", tls_cert_path: str = ""
+        self,
+        port: int,
+        tls_key_path: str = "",
+        tls_cert_path: str = "",
+        tls_ca_file_path: str = "",
     ) -> None:
         """Start registry server locally on a given port."""
         from feast import registry_server
 
         registry_server.start_server(
-            self, port=port, tls_key_path=tls_key_path, tls_cert_path=tls_cert_path
+            self,
+            port=port,
+            tls_key_path=tls_key_path,
+            tls_cert_path=tls_cert_path,
+            tls_ca_file_path=tls_ca_file_path,
         )
 
     def serve_offline(
diff --git a/sdk/python/feast/registry_server.py b/sdk/python/feast/registry_server.py
index c9abf62ccd..f9df6513ef 100644
--- a/sdk/python/feast/registry_server.py
+++ b/sdk/python/feast/registry_server.py
@@ -37,6 +37,7 @@
 from feast.project import Project
 from feast.protos.feast.registry import RegistryServer_pb2, RegistryServer_pb2_grpc
 from feast.saved_dataset import SavedDataset, ValidationReference
+from feast.ssl_ca_setup import configure_ssl_ca
 from feast.stream_feature_view import StreamFeatureView
 
 logger = logging.getLogger(__name__)
@@ -763,7 +764,9 @@ def start_server(
     wait_for_termination: bool = True,
     tls_key_path: str = "",
     tls_cert_path: str = "",
+    tls_ca_file_path: str = "",
 ):
+    configure_ssl_ca(ca_file_path=tls_ca_file_path)
     auth_manager_type = str_to_auth_manager_type(store.config.auth_config.type)
     init_security_manager(auth_type=auth_manager_type, fs=store)
     init_auth_manager(
diff --git a/sdk/python/tests/unit/permissions/auth/server/test_auth_registry_server.py b/sdk/python/tests/unit/permissions/auth/server/test_auth_registry_server.py
index f67da3b4d3..977fffc4a7 100644
--- a/sdk/python/tests/unit/permissions/auth/server/test_auth_registry_server.py
+++ b/sdk/python/tests/unit/permissions/auth/server/test_auth_registry_server.py
@@ -55,6 +55,7 @@ def start_registry_server(
             wait_for_termination=False,
             tls_key_path=tls_key_path,
             tls_cert_path=tls_cert_path,
+            tls_ca_file_path=tls_ca_file_path,
         )
     else:
         print(f"Starting Registry in Non-TLS mode at {server_port}")