diff --git a/keystore-truststore-from-tls-secret.dockerfile b/keystore-truststore-from-tls-secret.dockerfile
index a1a32fa07d56cff3a8db958db1b09b31513e2046..7e7625e559ddabee49af2349a9c6a66312bd3cd0 100644
--- a/keystore-truststore-from-tls-secret.dockerfile
+++ b/keystore-truststore-from-tls-secret.dockerfile
@@ -2,8 +2,9 @@ FROM alpine:3.21
 
 RUN apk add --no-cache openssl openjdk11
 
-COPY src/main/resources/store/keystore-truststore-from-tls-secret.sh /opt/
+COPY --chown=185 src/main/resources/store/keystore-truststore-from-tls-secret.sh /opt/
 
 VOLUME /store /tls
+USER 185
 
 ENTRYPOINT [ "/bin/sh", "/opt/keystore-truststore-from-tls-secret.sh" ]
\ No newline at end of file
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index e07e2a70ee1e579633495d1e835ce474031ae692..7ea7752f4eb6bfbd792b149b3c1318d78d1b4441 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -61,6 +61,8 @@ spec:
         - name: init-keystore-and-truststore
           image: docker.ozg-sh.de/keystore-truststore-from-tls-secret:latest
           command: ["/bin/sh", "/opt/keystore-truststore-from-tls-secret.sh"]
+          securityContext:
+            runAsUser: 185
           volumeMounts:
             - name: xta-test-server-tls-store
               mountPath: "/tls/"