diff --git a/client/tools/mgr-push/mgr-push.changes.mbussolotto.rhnpush_ca_cerfificate_path b/client/tools/mgr-push/mgr-push.changes.mbussolotto.rhnpush_ca_cerfificate_path
new file mode 100644
index 000000000000..aa3abb2f4b52
--- /dev/null
+++ b/client/tools/mgr-push/mgr-push.changes.mbussolotto.rhnpush_ca_cerfificate_path
@@ -0,0 +1 @@
+-  Use CA certificate from /etc/pki/trust/anchors in rhnpush
diff --git a/client/tools/mgr-push/rhnpush_config.py b/client/tools/mgr-push/rhnpush_config.py
index 938ff841d75b..d8d0e9ebcf94 100644
--- a/client/tools/mgr-push/rhnpush_config.py
+++ b/client/tools/mgr-push/rhnpush_config.py
@@ -20,6 +20,7 @@
 #
 
 import sys
+import os
 
 # pylint: disable=F0401
 if sys.version_info[0] == 3:
@@ -36,6 +37,14 @@ class rhnpushConfigParser:
     # pylint: disable=W0201
     _instance = None
 
+    def get_ca_bundle_path(self):
+        if os.system("grep -iq '^ID_LIKE=.*suse' /etc/os-release") == 0:
+            return '/etc/ssl/ca-bundle.pem'
+        if os.system("grep -iq '^ID_LIKE=.*rhel' /etc/os-release") == 0:
+            return '/etc/pki/tls/certs/ca-bundle.crt'
+        if os.system("grep -iq '^ID_LIKE=.*debian' /etc/os-release") == 0:
+            return '/etc/ssl/certs/ca-certificates.crt'
+
     def __init__(self, filename=None, ensure_consistency=False):
 
         # Defaults that are used if the ensure_consistency parameter of the constructor is true
@@ -66,7 +75,7 @@ def __init__(self, filename=None, ensure_consistency=False):
             'no_session_caching':   '0',
             'proxy':   '',
             'tolerant':   '0',
-            'ca_chain':   '/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT',
+            'ca_chain':  get_ca_bundle_path(), 
             'timeout': None
         }
 
diff --git a/client/tools/mgr-push/rhnpushrc b/client/tools/mgr-push/rhnpushrc
index 1d63522f73a9..670c09256911 100644
--- a/client/tools/mgr-push/rhnpushrc
+++ b/client/tools/mgr-push/rhnpushrc
@@ -74,7 +74,7 @@ no_session_caching  =   0
 tolerant        =   0
 
 #The CA cert used to verify the ssl server
-ca_chain        =   /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
+ca_chain        =   /etc/pki/trust/anchors/LOCAL-RHN-ORG-TRUSTED-SSL-CERT
 
 #Default connection timeout, (no value for default)
 timeout         = 300
diff --git a/testsuite/features/step_definitions/common_steps.rb b/testsuite/features/step_definitions/common_steps.rb
index 349842f7da31..0c67cfd6eb67 100644
--- a/testsuite/features/step_definitions/common_steps.rb
+++ b/testsuite/features/step_definitions/common_steps.rb
@@ -507,7 +507,7 @@
 end
 
 When(/^I push package "([^"]*)" into "([^"]*)" channel$/) do |arg1, arg2|
-  srvurl = "http://#{ENV['SERVER']}/APP"
+  srvurl = "https://#{ENV['SERVER']}/APP"
   command = "rhnpush --server=#{srvurl} -u admin -p admin --nosig -c #{arg2} #{arg1} "
   get_target('server').run(command, timeout: 500)
   get_target('server').run('ls -lR /var/spacewalk/packages', timeout: 500)