diff --git a/files/copr/lighttpd/lighttpd.conf b/files/copr/lighttpd/lighttpd.conf
index 347ba3fa6a..177d3d08a4 100644
--- a/files/copr/lighttpd/lighttpd.conf
+++ b/files/copr/lighttpd/lighttpd.conf
@@ -449,7 +449,7 @@ server.upload-dirs = ( "/var/tmp" )
 $SERVER["socket"] == ":443" {
   ssl.engine = "enable"
   ssl.pemfile = "/etc/lighttpd/copr-be.fedoraproject.org.pem"
-  ssl.ca-file = "/etc/lighttpd/copr-be.fedoraproject.org.crt"
+  ssl.ca-file = "/etc/lighttpd/DigiCertCA.crt"
   ssl.disable-client-renegotiation = "enable"
   ssl.cipher-list             = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
 }
diff --git a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml
index 43931bd98d..fe71f97b8f 100644
--- a/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/copr-be.cloud.fedoraproject.org.yml
@@ -114,6 +114,13 @@
     tags:
     - config 
 
+  - name: copy httpd ssl certificates (CAcert)
+    action: copy src="{{ files }}/copr/DigiCertCA.crt" dest="/etc/lighttpd/" owner=root group=root mode=0600
+    tags:
+    - config
+    notify:
+    - restart lighttpd
+
   # mime default to text/plain and enable dirlisting for indexes
   - name: update lighttpd configs
     action: copy src="{{ files }}/copr/lighttpd/{{ item }}" dest="/etc/lighttpd/conf.d/{{ item }}" owner=root group=root mode=0644