diff --git a/roles/base/files/postfix/main.cf/main.cf.gateway b/roles/base/files/postfix/main.cf/main.cf.gateway
index be4aaa547a..d5a30bb840 100644
--- a/roles/base/files/postfix/main.cf/main.cf.gateway
+++ b/roles/base/files/postfix/main.cf/main.cf.gateway
@@ -722,6 +722,7 @@ smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
 smtpd_tls_mandatory_ciphers = high
 smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5, RC4
 smtpd_tls_loglevel = 1
+smtpd_tls_CAfile  =   /etc/pki/tls/certs/ca-bundle.crt
 smtpd_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem
 smtpd_tls_session_cache_timeout = 3600s
 smtpd_tls_session_cache_database        = btree:${queue_directory}/smtpd_scache
@@ -739,6 +740,7 @@ smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
 smtp_tls_mandatory_ciphers = high
 smtp_tls_mandatory_exclude_ciphers= aNULL, MD5, RC4
 smtp_tls_loglevel = 1
+smtp_tls_CAfile  =   /etc/pki/tls/certs/ca-bundle.crt
 smtp_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem
 smtp_tls_security_level = may
 smtp_tls_connection_reuse = no