diff --git a/docker/Dockerfile.step-ca b/docker/Dockerfile.step-ca
index f9ba1ab4..5d8fdacd 100644
--- a/docker/Dockerfile.step-ca
+++ b/docker/Dockerfile.step-ca
@@ -1,12 +1,19 @@
+FROM golang:alpine AS builder
+
+RUN mkdir /src
+ADD . /src
+
+RUN apk add --no-cache make git curl && \
+    cd /src && \
+    make V=1 bin/step-ca 
+
 FROM smallstep/step-cli:latest
 
-ARG BINPATH="bin/step-ca"
+COPY --from=builder /src/bin/step-ca /usr/local/bin/step-ca
 
 ENV CONFIGPATH="/home/step/config/ca.json"
 ENV PWDPATH="/home/step/secrets/password"
 
-COPY $BINPATH "/usr/local/bin/step-ca"
-
 USER root
 RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca
 USER step
diff --git a/make/docker.mk b/make/docker.mk
index da41fd60..0e492866 100644
--- a/make/docker.mk
+++ b/make/docker.mk
@@ -6,18 +6,32 @@
 # binary is copied to a new image that is optimized for size.
 #########################################
 
+# Testing: output images to out/ with -o out, like this:
+# docker buildx build . --progress plain -t step-ca:master  -f docker/Dockerfile --platform linux/amd64,linux/arm/v7,linux/386,linux/arm64 -o out
+
+ifeq (, $(shell which docker))
+	DOCKER_CLIENT_OS := linux
+else
+	DOCKER_CLIENT_OS := $(strip $(shell docker version -f '{{.Client.Os}}'))
+endif
+
+DOCKER_PLATFORMS = linux/amd64,linux/386,linux/arm,linux/arm64
+DOCKER_IMAGE_NAME = smallstep/step-ca
+
 docker-prepare:
 	# Ensure, we can build for ARM architecture
+ifeq (linux,$(DOCKER_CLIENT_OS))
 	[ -f /proc/sys/fs/binfmt_misc/qemu-arm ] || docker run --rm --privileged docker/binfmt:a7996909642ee92942dcd6cff44b9b95f08dad64
+endif
 
 	# Register buildx builder
 	mkdir -p $$HOME/.docker/cli-plugins
 
-	wget -O $$HOME/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/download/v0.3.1/buildx-v0.3.1.linux-amd64
-	chmod +x $$HOME/.docker/cli-plugins/docker-buildx
+	docker buildx >/dev/null || \
+		wget -O $$HOME/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/download/v0.4.1/buildx-v0.4.1.$(DOCKER_CLIENT_OS)-amd64 && \
+		chmod +x $$HOME/.docker/cli-plugins/docker-buildx
 
-	$$HOME/.docker/cli-plugins/docker-buildx create --name mybuilder --platform amd64 --platform arm || true
-	$$HOME/.docker/cli-plugins/docker-buildx use mybuilder
+	docker buildx create --use --name mybuilder --platform="$(DOCKER_PLATFORMS)" || true
 
 .PHONY: docker-prepare
 
@@ -39,13 +53,10 @@ docker-login:
 # Targets for different type of builds
 #################################################
 
-DOCKER_IMAGE_NAME = smallstep/step-ca
-PLATFORMS = --platform amd64 --platform 386 --platform arm --platform arm64
-
 define DOCKER_BUILDX
 	# $(1) -- Image Tag
 	# $(2) -- Push (empty is no push | --push will push to dockerhub)
-	$$HOME/.docker/cli-plugins/docker-buildx build . --progress plain -t $(DOCKER_IMAGE_NAME):$(1) -f docker/Dockerfile.step-ca $(PLATFORMS) $(2)
+	docker buildx build . --progress plain -t $(DOCKER_IMAGE_NAME):$(1) -f docker/Dockerfile.step-ca --platform="$(DOCKER_PLATFORMS)" $(2)
 endef
 
 # For non-master builds don't build the docker containers.