diff --git a/build-sonarscanner.jenkins b/build-sonarscanner.jenkins
index 8128216..42caf4e 100644
--- a/build-sonarscanner.jenkins
+++ b/build-sonarscanner.jenkins
@@ -64,6 +64,21 @@ spec:
 		stage("Kaniko Build & Push") {
 			container ("kaniko") {
 				def dockerfile = """
+FROM docker.io/sonarsource/sonar-scanner-cli:latest
+
+USER root
+
+COPY ${caName} /etc/ssl/private/${caName}
+
+RUN keytool \\
+  -importcert \\
+  -noprompt \\
+  -alias ${caName} \\
+  -file /etc/ssl/private/${caName} \\
+  -keystore /opt/java/openjdk/lib/security/cacerts \\
+  -storepass "changeit"
+
+USER scanner-cli
 """
 				writeFile (file: workspace + "/${caName}", text: caContent)
 				writeFile (file: workspace + "/Dockerfile", text: dockerfile)