diff --git a/lib/linux_admin/registration_system/subscription_manager.rb b/lib/linux_admin/registration_system/subscription_manager.rb
index 086fe9d..d69d77b 100644
--- a/lib/linux_admin/registration_system/subscription_manager.rb
+++ b/lib/linux_admin/registration_system/subscription_manager.rb
@@ -25,6 +25,9 @@ def refresh
 
     def organizations(options)
       raise ArgumentError, "username and password are required" unless options[:username] && options[:password]
+
+      install_server_certificate(options[:server_url], SATELLITE6_SERVER_CERT_PATH) if options[:server_url]
+
       cmd = "subscription-manager orgs"
 
       params = {"--username=" => options[:username], "--password=" => options[:password]}
diff --git a/spec/subscription_manager_spec.rb b/spec/subscription_manager_spec.rb
index cb68d9c..155a7a9 100644
--- a/spec/subscription_manager_spec.rb
+++ b/spec/subscription_manager_spec.rb
@@ -131,7 +131,10 @@
   context "#organizations" do
     it "with valid credentials" do
       run_options = ["subscription-manager orgs", {:params=>{"--username="=>"SomeUser", "--password="=>"SomePass", "--proxy="=>"1.2.3.4", "--proxyuser="=>"ProxyUser", "--proxypassword="=>"ProxyPass", "--serverurl="=>"192.168.1.1"}}]
+
+      LinuxAdmin::Rpm.should_receive(:upgrade).with("http://192.168.1.1/pub/candlepin-cert-consumer-latest.noarch.rpm")
       described_class.any_instance.should_receive(:run!).once.with(*run_options).and_return(double(:output => sample_output("subscription_manager/output_orgs")))
+
       expect(described_class.new.organizations({:username=>"SomeUser", :password=>"SomePass", :proxy_address=>"1.2.3.4", :proxy_username=>"ProxyUser", :proxy_password=>"ProxyPass", :server_url=>"192.168.1.1"})).to eq({"SomeOrg"=>{:name=>"SomeOrg", :key=>"1234567"}})
     end