diff --git a/util/pom.xml b/util/pom.xml
index d99d791da..7fa8edf6c 100644
--- a/util/pom.xml
+++ b/util/pom.xml
@@ -101,4 +101,15 @@
test
+
+
+
+ src/main/resources
+ true
+
+ **/*.p12
+
+
+
+
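Review bot: With `true` set on the `src/main/resources` entry (presumably `<filtering>`), the `**/*.p12` pattern decides what happens to the new keystore, and the element names are not visible in this hunk. If the pattern is an exclude and this is the only resource entry, google.p12 is never copied into the jar and the new loading code always takes its fallback branch; if it is an include, the binary goes through property filtering and can be corrupted. The usual layout is two `<resource>` entries for the same directory, one filtered with the exclude and one unfiltered with the matching include. It is worth confirming that the built jar contains a byte-identical google.p12.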
diff --git a/util/src/main/java/com/google/cloud/hadoop/util/HttpTransportFactory.java b/util/src/main/java/com/google/cloud/hadoop/util/HttpTransportFactory.java
index cf7bee6d8..3e20d648b 100644
--- a/util/src/main/java/com/google/cloud/hadoop/util/HttpTransportFactory.java
+++ b/util/src/main/java/com/google/cloud/hadoop/util/HttpTransportFactory.java
@@ -23,6 +23,7 @@
import com.google.api.client.googleapis.GoogleUtils;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
+import com.google.api.client.util.SecurityUtils;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.flogger.GoogleLogger;
import java.io.IOException;
@@ -37,6 +38,7 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
+import java.security.KeyStore;
import java.time.Duration;
import javax.annotation.Nullable;
import javax.net.ssl.HttpsURLConnection;
@@ -45,6 +47,8 @@
/** Factory for creating HttpTransport types. */
public class HttpTransportFactory {
private static final GoogleLogger logger = GoogleLogger.forEnclosingClass();
+ private static final String KEYSTORE_FILE_NAME = "google.p12";
+ private static final String KEYSTORE_PASSWORD = "notasecret";
/**
* Create an {@link HttpTransport} with socketKeepAlive true
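Review bot: `KEYSTORE_PASSWORD` carries no comment, and a hard-coded password beside a bundled keystore will be read as a leaked credential by secret scanners and by later maintainers. If google.p12 holds only public CA certificates, as the later `trustCertificates(keyStore)` call suggests, say so on the constant, e.g. `// Integrity password of the bundled public CA trust store; not a credential.` A comment on `KEYSTORE_FILE_NAME` should also record where the file was obtained and how it is refreshed, because the binary arrives in this commit with no visible provenance and a pinned root set goes stale. The class body continues outside the hunk.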
@@ -166,8 +170,18 @@ && getRequestingPort() == proxyUri.getPort()) {
static NetHttpTransport.Builder createNetHttpTransportBuilder(
@Nullable URI proxyUri, @Nullable Duration readTimeout)
throws IOException, GeneralSecurityException {
- NetHttpTransport.Builder builder =
- new NetHttpTransport.Builder().trustCertificates(GoogleUtils.getCertificateTrustStore());
+
+ KeyStore keyStore = SecurityUtils.getPkcs12KeyStore();
+ try (InputStream fis =
+ HttpTransportFactory.class.getClassLoader().getResourceAsStream(KEYSTORE_FILE_NAME)) {
+ if (fis == null) {
+ logger.atWarning().log("Error reading " + KEYSTORE_FILE_NAME + " file from resources.");
+ keyStore = GoogleUtils.getCertificateTrustStore();
+ } else {
+ keyStore.load(fis, KEYSTORE_PASSWORD.toCharArray());
+ }
+ }
+ NetHttpTransport.Builder builder = new NetHttpTransport.Builder().trustCertificates(keyStore);
SSLSocketFactory wrappedSslSocketFactory =
requireNonNullElseGet(
builder.getSslSocketFactory(), HttpsURLConnection::getDefaultSSLSocketFactory);
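Review bot: The trust anchors for every transport built here are now resolved with `getClassLoader().getResourceAsStream(KEYSTORE_FILE_NAME)`, which looks up `google.p12` at the classpath root, so whichever jar or directory supplies that name first decides which CAs are trusted. Moving the file under this class's package directory and loading it with `HttpTransportFactory.class.getResourceAsStream(KEYSTORE_FILE_NAME)` makes the lookup package-relative and far harder to shadow on a crowded Hadoop classpath. The null branch also switches to a different trust store behind a warning worded as a read error; `logger.atWarning().log("%s not found on classpath, falling back to GoogleUtils trust store", KEYSTORE_FILE_NAME)` states what happened and avoids the string concatenation. The method body continues past the end of the hunk.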
diff --git a/util/src/main/resources/google.p12 b/util/src/main/resources/google.p12
new file mode 100644
index 000000000..d6260c722
Binary files /dev/null and b/util/src/main/resources/google.p12 differ