diff --git a/build-alpine.jenkins b/build-alpine.jenkins
index 64d8ddd..4ca5750 100644
--- a/build-alpine.jenkins
+++ b/build-alpine.jenkins
@@ -1,5 +1,6 @@
 def label = "jenkins-${UUID.randomUUID().toString()}"
 
+def kanikoImage = "registry.test-chamber-13.lan:5000/nhyatt/kaniko:latest"
 def pushRepo = "registry.test-chamber-13.lan:5000"
 def repositoryCreds = "quay-repository-creds"
 
@@ -33,7 +34,7 @@ spec:
   containers:
   - name: kaniko
     imagePullPolicy: Always
-    image: gcr.io/kaniko-project/executor:debug
+    image: ${kanikoImage}
     tty: true
     command:
     - /busybox/cat
@@ -58,7 +59,6 @@ spec:
 					sh """
 						set +x
 						echo '${dockerJSON}' > /kaniko/.docker/config.json
-						printf '%s\\n' "${caContent}" >> /kaniko/ssl/certs/ca-certificates.crt
 						set -x
 					"""
 				}
diff --git a/build-kaniko.jenkins b/build-kaniko.jenkins
new file mode 100644
index 0000000..a050e1c
--- /dev/null
+++ b/build-kaniko.jenkins
@@ -0,0 +1,78 @@
+def label = "jenkins-${UUID.randomUUID().toString()}"
+
+def pushRepo = "registry.test-chamber-13.lan:5000"
+def repositoryCreds = "quay-repository-creds"
+
+def caContent = """
+-----BEGIN CERTIFICATE-----
+MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw
+JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM
+DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow
+TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT
+ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE
+ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/
+XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od
+Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j
+BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC
+xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw
+UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ
+-----END CERTIFICATE-----
+"""
+
+podTemplate(
+	label: label,
+	name: "pipeline-worker",
+	yaml: """---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: pipeline-worker
+spec:
+  containers:
+  - name: kaniko
+    imagePullPolicy: Always
+    image: gcr.io/kaniko-project/executor:debug
+    tty: true
+    command:
+    - /busybox/cat
+""",
+) {
+	node (label) {
+		def workspace = pwd()
+
+		stage ("Prepare Kaniko") {
+			container ("kaniko") {
+				withCredentials([usernameColonPassword(
+					credentialsId: repositoryCreds,
+					variable: "dCreds",
+				)]) {
+					def dockerJSON = """{
+						"auths": {
+							"registry.test-chamber-13.lan:5000": {
+								"auth": "${dcreds.bytes.encodeBase64().toString()}"
+							}
+						}
+					}"""
+					sh """
+						set +x
+						echo '${dockerJSON}' > /kaniko/.docker/config.json
+						set -x
+printf '%s\\n' "${caContent}" >> /kaniko/ssl/certs/ca-certificates.crt
+					"""
+				}
+			}
+		}
+
+		stage("Build Alpine with CA") {
+			container("kaniko") {
+				def DF = """FROM gcr.io/kaniko-project/executor:debug
+COPY kaniko-chain.crt /kaniko/ssl/certs/ca-certificates.crt
+"""
+				sh "cp /kaniko/ssl/certs/ca-certificates.crt \"${workspace}/kaniko-chain.crt\""
+				writeFile(file: workspace + "/Dockerfile", text: DF)
+				sh "/kaniko/executor --cleanup --skip-tls-verify --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${pushRepo}/nhyatt/kaniko:latest\""
+			}
+		}
+	}
+}
\ No newline at end of file