diff --git a/files/osbs/buildroot-Dockerfile b/files/osbs/buildroot-Dockerfile.j2
similarity index 66%
rename from files/osbs/buildroot-Dockerfile
rename to files/osbs/buildroot-Dockerfile.j2
index f5735c9cb4..e59cd535d9 100644
--- a/files/osbs/buildroot-Dockerfile
+++ b/files/osbs/buildroot-Dockerfile.j2
@@ -3,5 +3,8 @@ RUN dnf -y install docker git python-docker-py python-setuptools e2fsprogs koji
 ADD ./atomic-reactor.tar.gz /tmp/
 RUN cd /tmp/atomic-reactor-*/ && python setup.py install
 ADD ./ca.crt /etc/pki/ca-trust/source/anchors/osbs-dev.ca.crt
+RUN mkdir -p /etc/docker/certs.d/{{docker_registry}}
+ADD ./client.key /etc/docker/certs.d/{{docker_registry}}/client.key
+ADD ./client.cert /etc/docker/certs.d/{{docker_registry}}/client.cert
 RUN update-ca-trust
 CMD ["atomic-reactor", "--verbose", "inside-build"]
diff --git a/playbooks/groups/osbs-master.yml b/playbooks/groups/osbs-master.yml
index c25e81ba32..ed310ea9a6 100644
--- a/playbooks/groups/osbs-master.yml
+++ b/playbooks/groups/osbs-master.yml
@@ -278,9 +278,25 @@
         path: "/etc/osbs/buildroot/"
         state: directory
 
-    - name: Upload Dockerfile for buildroot container
+    - name: install docker client cert for buildroot to auth to registry
       copy:
-        src: "{{ files }}/osbs/buildroot-Dockerfile"
+        src: "{{private}}/files/koji/containerbuild.cert.pem"
+        dest: "/etc/osbs/buildroot/client.cert"
+        mode: 0400
+      notify:
+        - buildroot container
+
+    - name: install docker client key for buildroot to auth to registry
+      copy:
+        src: "{{private}}/files/koji/containerbuild.key.pem"
+        dest: "/etc/osbs/buildroot/client.key"
+        mode: 0400
+      notify:
+        - buildroot container
+
+    - name: Upload Dockerfile for buildroot container
+      template:
+        src: "{{ files }}/osbs/buildroot-Dockerfile.j2"
         dest: "/etc/osbs/buildroot/Dockerfile"
         mode: 0400
       notify: