diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9b73d3522742577496587a2309d6dd250ab3b9bf..8f689f8366412e4a0ee11df863b49cb8f104a543 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -9,7 +9,7 @@ variables:
 default:
   # built via:
   #     docker load < $(nix-build nix/docker-image.nix)
-  image: registry.k0.hswaw.net/q3k/flow3r-build:n7b7mjzzpf20jfdbmv1j1cl55n8x01xx
+  image: registry.k0.hswaw.net/q3k/flow3r-build:ymrsh8w1z9l89qvvksw52k7sl54lx73q
 
 clang-tidy:
   stage: check
diff --git a/nix/docker-image.nix b/nix/docker-image.nix
index 6f63a5db4b349e09188446a6e0c29789bdf1faaa..37494c62a15d0927619a6b958fefd2ce8265d62e 100644
--- a/nix/docker-image.nix
+++ b/nix/docker-image.nix
@@ -32,6 +32,7 @@ pkgs.dockerTools.buildImage {
       git wget gnumake
       cmake ninja pkgconfig
       gnutar curl bzip2
+      cacert
     ];
     pathsToLink = [ "/bin" ];
   };
@@ -48,6 +49,7 @@ pkgs.dockerTools.buildImage {
       "IDF_PATH=${pkgs.esp-idf}"
       "IDF_COMPONENT_MANAGER=0"
       "TMPDIR=/tmp"
+      "NIX_SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
     ];
   };
 }