diff --git a/roles/fedmsg/base/templates/ssl.py.j2 b/roles/fedmsg/base/templates/ssl.py.j2
index 0952ee11d6..47fcc96eb0 100644
--- a/roles/fedmsg/base/templates/ssl.py.j2
+++ b/roles/fedmsg/base/templates/ssl.py.j2
@@ -27,7 +27,12 @@ config = dict(
     validate_signatures=True,
     ssldir="/etc/pki/fedmsg",
 
+    {% if env == 'staging' %}
+    # In staging, we use the internal IP of proxy01 without ssl.
+    crl_location="http://10.5.126.88/fedmsg/crl.pem",
+    {% else %}
     crl_location="https://fedoraproject.org/fedmsg/crl.pem",
+    {% endif %}
     crl_cache="/var/run/fedmsg/crl.pem",
     crl_cache_expiry=86400,  # Daily