diff --git a/modules/module-list.nix b/modules/module-list.nix
index d140f7ad335..e51237f1ca0 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -31,6 +31,7 @@
   ./programs/ssh.nix
   ./programs/ssmtp.nix
   ./rename.nix
+  ./security/ca.nix
   ./security/consolekit.nix
   ./security/pam.nix
   ./security/pam_usb.nix
diff --git a/modules/security/ca.nix b/modules/security/ca.nix
new file mode 100644
index 00000000000..efa32f5e8f3
--- /dev/null
+++ b/modules/security/ca.nix
@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+{
+
+  config = {
+
+    environment.etc = singleton
+      { source = "${pkgs.cacert}/etc/ca-bundle.crt";
+        target = "ca-bundle.crt";
+      };
+
+    environment.shellInit =
+      ''
+        export CURL_CA_BUNDLE=/etc/ca-bundle.crt
+      '';
+      
+  };
+
+}