diff --git a/ckan-datapusher/Dockerfile b/ckan-datapusher/Dockerfile
index a5ffd20..0a09e7a 100644
--- a/ckan-datapusher/Dockerfile
+++ b/ckan-datapusher/Dockerfile
@@ -25,8 +25,9 @@ RUN \
  && find /srv/ckan-datapusher/src -name '.git*' -exec rm -rf {} + \
  && rm -rf /root/.cache
 
+COPY docker/ /
+
 VOLUME ["/etc/ckan-datapusher", "/srv/ckan-datapusher/data"]
 EXPOSE 8080
 
-USER ckandp
-CMD ["uwsgi", "--plugin", "python", "--http-socket", "0.0.0.0:8080", "--wsgi-file", "/etc/ckan-datapusher/datapusher.wsgi", "--enable-threads"]
+CMD ["s6-svscan", "/etc/services.d"]
diff --git a/ckan-datapusher/docker/bin/add-ca-cert b/ckan-datapusher/docker/bin/add-ca-cert
new file mode 100644
index 0000000..565c302
--- /dev/null
+++ b/ckan-datapusher/docker/bin/add-ca-cert
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+/bin/cat /etc/ssl/services.pem >>/usr/lib/python2.7/site-packages/requests/cacert.pem
+/bin/cat /etc/ssl/services.pem >>/usr/lib/python2.7/site-packages/certifi/cacert.pem
diff --git a/ckan-datapusher/docker/etc/services.d/.s6-svscan/finish b/ckan-datapusher/docker/etc/services.d/.s6-svscan/finish
new file mode 100644
index 0000000..78d5fdc
--- /dev/null
+++ b/ckan-datapusher/docker/etc/services.d/.s6-svscan/finish
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/bin/true
diff --git a/ckan-datapusher/docker/etc/services.d/ckan-datapusher/run b/ckan-datapusher/docker/etc/services.d/ckan-datapusher/run
new file mode 100644
index 0000000..c07d6eb
--- /dev/null
+++ b/ckan-datapusher/docker/etc/services.d/ckan-datapusher/run
@@ -0,0 +1,6 @@
+#!/bin/execlineb -P
+
+fdmove -c 2 1
+foreground { /bin/add-ca-cert }
+s6-setuidgid 8004:8004
+/usr/sbin/uwsgi --plugin python --http-socket 0.0.0.0:8080 --wsgi-file /etc/ckan-datapusher/datapusher.wsgi --enable-threads
diff --git a/ckan-datapusher/etc/init.d/ckan-datapusher b/ckan-datapusher/etc/init.d/ckan-datapusher
index 7e32871..1d9b6f9 100755
--- a/ckan-datapusher/etc/init.d/ckan-datapusher
+++ b/ckan-datapusher/etc/init.d/ckan-datapusher
@@ -10,6 +10,7 @@ start() {
 	/usr/bin/docker run -d --rm \
 	--name ckan-datapusher \
 	-h ckan-datapusher \
+	-v /etc/ssl/services.pem:/etc/ssl/services.pem \
 	-v /srv/ckan-datapusher/conf:/etc/ckan-datapusher \
 	-v /srv/ckan-datapusher/data:/srv/ckan-datapusher/data \
 	ckan-datapusher