diff --git a/user-manager-server/src/main/java/de/itvsh/kop/user/MongodbCertificateLoader.java b/user-manager-server/src/main/java/de/itvsh/kop/user/MongodbCertificateLoader.java
index b3d95e0a89fe4cf8a06fb73d1ca31bd6b213ac58..1965390314172e1090b2a8a645f0ed64d58a6e95 100644
--- a/user-manager-server/src/main/java/de/itvsh/kop/user/MongodbCertificateLoader.java
+++ b/user-manager-server/src/main/java/de/itvsh/kop/user/MongodbCertificateLoader.java
@@ -14,6 +14,7 @@ import java.security.cert.CertificateFactory;
 
 import javax.enterprise.context.ApplicationScoped;
 import javax.enterprise.event.Observes;
+import javax.net.ssl.TrustManagerFactory;
 
 import org.apache.commons.io.IOUtils;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
@@ -43,6 +44,8 @@ class MongodbCertificateLoader {
 		try {
 			var trustStore = initKeyStore();
 			trustStore.setCertificateEntry("ca", generateCertificate());
+			TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+			tmf.init(trustStore);
 			return trustStore;
 		} catch (Exception e) {
 			throw new TechnicalException("Error building KeyStore", e);
@@ -52,7 +55,7 @@ class MongodbCertificateLoader {
 	KeyStore initKeyStore() {
 		try {
 			var trustStore = KeyStore.getInstance("pkcs12");
-			trustStore.load(null, null);
+			trustStore.load(null);
 			return trustStore;
 		} catch (Exception e) {
 			throw new TechnicalException("Error init KeyStore", e);