diff --git a/config/application.rb b/config/application.rb
index d6e9cd1..37e743f 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -42,6 +42,7 @@ require File.expand_path('../../lib/foreman.rb', __FILE__)
 require File.expand_path('../../lib/timed_cached_store.rb', __FILE__)
 require File.expand_path('../../lib/foreman/exception', __FILE__)
 require File.expand_path('../../lib/core_extensions', __FILE__)
+require File.expand_path('../../lib/ssl_context_monkey_patch', __FILE__)
 
 if SETTINGS[:support_jsonp]
   if File.exist?(File.expand_path('../../Gemfile.in', __FILE__))
diff --git a/lib/ssl_context_monkey_patch.rb b/lib/ssl_context_monkey_patch.rb
new file mode 100644
index 0000000..9871a1e
--- /dev/null
+++ b/lib/ssl_context_monkey_patch.rb
@@ -0,0 +1,16 @@
+require 'openssl'
+
+# we need to enforce verify_mode => 1 on SSL context
+# more info in http://projects.theforeman.org/issues/9858
+class OpenSSL::SSL::SSLContext
+  alias __original_initialize initialize
+  private :__original_initialize
+
+  def initialize(*args)
+      __original_initialize(*args)
+      params = {
+        :options => DEFAULT_PARAMS[:options],
+      }
+      set_params(params)
+    end
+end