diff --git a/orchestration/airflow/Dockerfile b/orchestration/airflow/Dockerfile
index 35686a144f..7475aaa7c2 100644
--- a/orchestration/airflow/Dockerfile
+++ b/orchestration/airflow/Dockerfile
@@ -5,7 +5,14 @@ ARG GCLOUD_VERSION=google-cloud-cli-411.0.0-linux-x86_64.tar.gz
 
 # install airflow deps
 WORKDIR ${AIRFLOW_USER_HOME}
-COPY orchestration-requirements.txt /opt/requirements.txt
+COPY orchestration-requirements.in /opt/requirements.txt
+
+COPY ./etc/cacert.pem /cacert.pem
+
+ENV REQUESTS_CA_BUNDLE=/cacert.pem
+ENV PIP_CERT=/cacert.pem
+ENV CURL_CA_BUNDLE=/cacert.pem
+
 RUN pip3 install --upgrade pip
 RUN pip3 install --no-cache-dir -r /opt/requirements.txt
 
@@ -13,8 +20,9 @@ RUN pip3 install --no-cache-dir -r /opt/requirements.txt
 USER root
 RUN apt-get update && apt-get install -y ca-certificates --no-install-recommends && apt-get install git -y
 COPY ./etc/sa.gcpkey.json ${GCLOUD_SERVICE_KEY}
-RUN curl -LO -k https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/${GCLOUD_VERSION} && tar xf ${GCLOUD_VERSION}
+RUN curl -LO https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/${GCLOUD_VERSION} && tar xf ${GCLOUD_VERSION}
 ENV PATH $PATH:$AIRFLOW_USER_HOME/google-cloud-sdk/bin
+RUN gcloud config set core/custom_ca_certs_file "/cacert.pem"
 RUN gcloud auth activate-service-account --key-file=${GCLOUD_SERVICE_KEY}
 
 
diff --git a/orchestration/airflow/etc/.gitignore b/orchestration/airflow/etc/.gitignore
index 697ecccc3e..123e134bcf 100644
--- a/orchestration/airflow/etc/.gitignore
+++ b/orchestration/airflow/etc/.gitignore
@@ -1 +1,2 @@
-sa.gcpkey.json
\ No newline at end of file
+sa.gcpkey.json
+cacert.pem