diff --git a/docker/Dockerfile.step-ca b/docker/Dockerfile.step-ca
index bccb493c..f9ba1ab4 100644
--- a/docker/Dockerfile.step-ca
+++ b/docker/Dockerfile.step-ca
@@ -7,6 +7,10 @@ ENV PWDPATH="/home/step/secrets/password"
 
 COPY $BINPATH "/usr/local/bin/step-ca"
 
+USER root
+RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca
+USER step
+
 VOLUME ["/home/step"]
 STOPSIGNAL SIGTERM