diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml
index 852c0ae851..dfb686483f 100644
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@@ -20,6 +20,30 @@ jobs:
 CCACHE_SLOPPINESS: "include_file_ctime,include_file_mtime,pch_defines,time_macros"
 steps:
+ - name: Trust FreeIPA CA certificate
+ shell: bash
+ run: |
+ # Download and install the FreeIPA CA certificate for SSL verification
+ echo "Downloading FreeIPA CA certificate..."
+ curl -fsSL -o /tmp/ipa-ca.crt https://ipa.kindred.internal/ipa/config/ca.crt
+
+ # Verify the certificate is valid
+ echo "Verifying certificate..."
+ openssl x509 -in /tmp/ipa-ca.crt -text -noout | head -20
+
+ # Install to system trust store
+ sudo cp /tmp/ipa-ca.crt /usr/local/share/ca-certificates/ipa-ca.crt
+ sudo update-ca-certificates
+
+ # Set NODE_EXTRA_CA_CERTS for Node.js-based actions
+ echo "NODE_EXTRA_CA_CERTS=/tmp/ipa-ca.crt" >> $GITHUB_ENV
+
+ # Verify SSL connection to Gitea works
+ echo "Testing SSL connection to Gitea..."
+ curl -fsSL --cacert /tmp/ipa-ca.crt https://gitea.kindred.internal/api/v1/version
+ echo ""
+ echo "SSL certificate setup complete"
+
 - name: Install node if needed
 shell: bash
 run: |
diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml
index 1718ad5bf2..55e0fdb9e9 100644
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
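Review bot: The part of the step commented "Verify the certificate is valid" only prints the parsed certificate (`openssl x509 -text -noout | head -20`), so whatever `https://ipa.kindred.internal/ipa/config/ca.crt` returns at build time is copied into the system trust store without being compared to a known value. Pin the CA's SHA-256 fingerprint in the workflow (or commit the certificate to the repository) and fail the step on a mismatch before the `sudo cp`. The identical step in the `release.yml` hunk needs the same check, and because the two copies have to stay in sync, a shared action or script would be worth considering.

```yaml
      run: |
        # … unchanged: download of /tmp/ipa-ca.crt …

        # Refuse to install a CA whose fingerprint differs from the pinned one
        expected_fp="<PINNED_SHA256_FINGERPRINT>"  # placeholder: record the real value out of band
        actual_fp="$(openssl x509 -in /tmp/ipa-ca.crt -noout -fingerprint -sha256 | cut -d= -f2)"
        if [ "$actual_fp" != "$expected_fp" ]; then
          echo "FreeIPA CA fingerprint mismatch: $actual_fp" >&2
          exit 1
        fi

        # … unchanged: install to trust store, NODE_EXTRA_CA_CERTS, Gitea connection test …
```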
@@ -28,6 +28,30 @@ jobs:
 CXXFLAGS: "-march=x86-64-v3 -O3"
 steps:
+ - name: Trust FreeIPA CA certificate
+ shell: bash
+ run: |
+ # Download and install the FreeIPA CA certificate for SSL verification
+ echo "Downloading FreeIPA CA certificate..."
+ curl -fsSL -o /tmp/ipa-ca.crt https://ipa.kindred.internal/ipa/config/ca.crt
+
+ # Verify the certificate is valid
+ echo "Verifying certificate..."
+ openssl x509 -in /tmp/ipa-ca.crt -text -noout | head -20
+
+ # Install to system trust store
+ sudo cp /tmp/ipa-ca.crt /usr/local/share/ca-certificates/ipa-ca.crt
+ sudo update-ca-certificates
+
+ # Set NODE_EXTRA_CA_CERTS for Node.js-based actions
+ echo "NODE_EXTRA_CA_CERTS=/tmp/ipa-ca.crt" >> $GITHUB_ENV
+
+ # Verify SSL connection to Gitea works
+ echo "Testing SSL connection to Gitea..."
+ curl -fsSL --cacert /tmp/ipa-ca.crt https://gitea.kindred.internal/api/v1/version
+ echo ""
+ echo "SSL certificate setup complete"
+
 - name: Install node if needed
 shell: bash
 run: |
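Review bot: `NODE_EXTRA_CA_CERTS` is exported as `/tmp/ipa-ca.crt`, a file in a world-writable directory that every later Node-based step in the job will read as a trust anchor. If the runner is shared, or a later step rewrites that path, Node will trust whatever is there at that moment. Point the variable at the root-owned copy this step has just installed and quote the env-file path: `echo "NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/ipa-ca.crt" >> "$GITHUB_ENV"`. The same line appears in the `build.yml` hunk.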