diff --git a/cmd/kyverno/Dockerfile b/cmd/kyverno/Dockerfile
index 8c0939e4c6..71b58e72ca 100644
--- a/cmd/kyverno/Dockerfile
+++ b/cmd/kyverno/Dockerfile
@@ -1,5 +1,9 @@
-# Multi-stage docker build
-# Build stage
+FROM golang:alpine AS certs
+
+LABEL maintainer="Kyverno"
+
+RUN apk add --no-cache ca-certificates
+
 FROM golang@sha256:724abf4dd44985d060f7aa91af5211eb2052491424bd497ba3ddc31f7cee969d AS builder
 
 LABEL maintainer="Kyverno"
@@ -16,8 +20,6 @@ RUN export GOOS=$(echo ${TARGETPLATFORM} | cut -d / -f1) && \
 
 RUN go env
 
-RUN apk add --no-cache ca-certificates
-
 RUN CGO_ENABLED=0 go build -o /output/kyverno -ldflags="${LD_FLAGS}" -v ./cmd/kyverno/
 
 # Packaging stage
@@ -26,7 +28,7 @@ FROM scratch
 LABEL maintainer="Kyverno"
 COPY --from=builder /output/kyverno /
 COPY --from=builder /etc/passwd /etc/passwd
-COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 
 USER 10001