diff --git a/keycloak_oauth/__init__.py b/keycloak_oauth/__init__.py
index 6f647b6..1a49751 100644
--- a/keycloak_oauth/__init__.py
+++ b/keycloak_oauth/__init__.py
@@ -1,4 +1,5 @@
 from pathlib import Path
+import ssl
 from typing import Any
 import pydantic
 from authlib.common.security import generate_token
@@ -37,6 +38,11 @@ def __init__(
 oauth = OAuth()
+ # HACK: load custom certificate including default certifi cacert chain
+ if verify := client_kwargs.get("verify"):
+ ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23, verify=verify)
+ client_kwargs["verify"] = ssl_context
+
 oauth.register(
 name="keycloak",
 # client_id and client_secret are created in keycloak
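Review bot: The block added to `__init__` does not load the CA bundle it is given: `ssl.SSLContext` has no documented `verify` parameter, and a context built directly with `ssl.PROTOCOL_SSLv23` (a deprecated alias of `PROTOCOL_TLS`) starts with `verify_mode = CERT_NONE` and `check_hostname = False`. If the constructor accepts the stray keyword instead of raising (worth confirming on the supported Python versions), passing a CA path in `verify` would leave the connection to Keycloak with no certificate or hostname validation, which exposes that exchange, client secret included, to interception. Starting from the hardened default and adding the custom CA on top keeps the system trust store alongside it: `ssl_context = ssl.create_default_context()` followed by `ssl_context.load_verify_locations(cafile=verify)`. The truthiness test also matches `verify=True` or an already-built context, so the guard would be safer as `if isinstance(verify := client_kwargs.get("verify"), (str, Path)):`. `__init__` begins and ends outside the hunk, so how `client_kwargs` is built and later consumed is not visible here.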