diff --git a/oslo_vmware/rw_handles.py b/oslo_vmware/rw_handles.py
index e2f1bed0..3a01ed9d 100644
--- a/oslo_vmware/rw_handles.py
+++ b/oslo_vmware/rw_handles.py
@@ -78,7 +78,7 @@ class FileHandle(object):
                     cert_reqs = ssl.CERT_REQUIRED
                 else:
                     cert_reqs = ssl.CERT_NONE
-                cacerts = None
+                cacerts = requests.certs.where()
             conn.set_cert(ca_certs=cacerts, cert_reqs=cert_reqs,
                           assert_fingerprint=ssl_thumbprint)
         else:
diff --git a/oslo_vmware/tests/test_rw_handles.py b/oslo_vmware/tests/test_rw_handles.py
index ba33ce54..064ad8ec 100644
--- a/oslo_vmware/tests/test_rw_handles.py
+++ b/oslo_vmware/tests/test_rw_handles.py
@@ -20,6 +20,7 @@ Unit tests for read and write handles for image transfer.
 import ssl
 
 import mock
+import requests
 import six
 
 from oslo_vmware import exceptions
@@ -57,8 +58,10 @@ class FileHandleTest(base.TestCase):
         ret = handle._create_connection('https://localhost/foo?q=bar', 'GET')
 
         self.assertEqual(conn, ret)
+        ca_store = requests.certs.where()
         conn.set_cert.assert_called_once_with(
-            ca_certs=None, cert_reqs=ssl.CERT_NONE, assert_fingerprint=None)
+            ca_certs=ca_store, cert_reqs=ssl.CERT_NONE,
+            assert_fingerprint=None)
         conn.putrequest.assert_called_once_with('GET', '/foo?q=bar')
 
     @mock.patch('urllib3.connection.HTTPSConnection')
@@ -71,8 +74,9 @@ class FileHandleTest(base.TestCase):
                                         cacerts=True)
 
         self.assertEqual(conn, ret)
+        ca_store = requests.certs.where()
         conn.set_cert.assert_called_once_with(
-            ca_certs=None, cert_reqs=ssl.CERT_REQUIRED,
+            ca_certs=ca_store, cert_reqs=ssl.CERT_REQUIRED,
             assert_fingerprint=None)
 
     @mock.patch('urllib3.connection.HTTPSConnection')