diff --git a/roles/push-docker/tasks/main.yml b/roles/push-docker/tasks/main.yml
index 0fec869d83..56325014eb 100644
--- a/roles/push-docker/tasks/main.yml
+++ b/roles/push-docker/tasks/main.yml
@@ -14,14 +14,16 @@
     src: "{{private}}/files/koji/{{docker_cert_name}}.cert.pem"
     dest: "{{docker_cert_dir}}/client.cert"
     owner: root
-    mode: 0600
+    group: "releng-team"
+    mode: 0640
 
 - name: install docker client key for registry
   copy:
     src: "{{private}}/files/koji/{{docker_cert_name}}.key.pem"
     dest: "{{docker_cert_dir}}/client.key"
     owner: root
-    mode: 0600
+    group: "releng-team"
+    mode: 0640
 
 - name: start and enable docker
   service: name=docker state=started enabled=yes