diff --git a/roles/pagure/frontend/tasks/main.yml b/roles/pagure/frontend/tasks/main.yml
index 778f1ccf1a..ad669214ea 100644
--- a/roles/pagure/frontend/tasks/main.yml
+++ b/roles/pagure/frontend/tasks/main.yml
@@ -153,6 +153,22 @@
 - stunnel
 - config
+- name: make a bundle file of the cert and intermediate for stunnel
+ shell: cat /etc/pki/tls/certs/pagure.io.cert /etc/pki/tls/certs/pagure.io.intermediate.cert > /etc/pki/tls/certs/pagure.io.bundle.cert creates=/etc/pki/tls/certs/pagure.io.bundle.cert
+ tags:
+ - pagure
+ - stunnel
+ - config
+ when: env != 'pagure-staging'
+
+- name: make a bundle file of the cert and intermediate for stunnel (stg)
+ shell: cat /etc/pki/tls/certs/stg.pagure.io.cert /etc/pki/tls/certs/stg.pagure.io.intermediate.cert > /etc/pki/tls/certs/stg.pagure.io.bundle.cert creates=/etc/pki/tls/certs/stg.pagure.io.bundle.cert
+ tags:
+ - pagure
+ - stunnel
+ - config
+ when: env == 'pagure-staging'
+
 - name: install stunnel.conf
 template: src={{ item.file }} dest={{ item.dest }}
diff --git a/roles/pagure/frontend/templates/stunnel-conf.j2 b/roles/pagure/frontend/templates/stunnel-conf.j2
index 6dcf68a09d..25a302195d 100644
--- a/roles/pagure/frontend/templates/stunnel-conf.j2
+++ b/roles/pagure/frontend/templates/stunnel-conf.j2
@@ -1,5 +1,10 @@
-cert = /etc/pki/tls/certs/pagure.io.cert
+{% if env == 'pagure-staging' %}
+cert = /etc/pki/tls/certs/stg.pagure.io.bundle.cert
 key = /etc/pki/tls/certs/pagure.io.key
+{% else %}
+cert = /etc/pki/tls/certs/pagure.io.bundle.cert
+key = /etc/pki/tls/certs/pagure.io.key
+{% endif %}
 pid = /var/run/stunnel.pid
 [{{ stunnel_service }}]
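Review bot: Both new `shell` tasks pass `creates=` with the bundle path, so once the bundle exists it is never rebuilt. After the certificate or intermediate is renewed, stunnel would keep presenting the old chain until someone deletes the file by hand. Rebuilding whenever either input changes avoids that: drop `creates=` and gate each task on the registered result of the tasks that install the certificates (those are outside this hunk), then restart stunnel through a handler if the role has one. `cat` also assumes the leaf certificate file ends with a newline; without one the two PEM blocks run together and the bundle will not parse. The `install stunnel.conf` task continues past the end of the hunk.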
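Review bot: In the `pagure-staging` branch the unchanged `key` line still reads `/etc/pki/tls/certs/pagure.io.key`, while `cert` now points at `stg.pagure.io.bundle.cert`. If staging installs its key under a `stg.` name like its certificates, stunnel will fail to load the pair and the line would need to be `key = /etc/pki/tls/certs/stg.pagure.io.key`. If the path is right because both environments use the same file name, it is worth confirming that staging and production do not share one private key. A template comment such as `{# staging key is deployed as pagure.io.key #}` would record which case applies.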