diff --git a/app/models/manageiq/providers/redhat/infra_manager/api_integration.rb b/app/models/manageiq/providers/redhat/infra_manager/api_integration.rb
index 9543429d6..aebee388a 100644
--- a/app/models/manageiq/providers/redhat/infra_manager/api_integration.rb
+++ b/app/models/manageiq/providers/redhat/infra_manager/api_integration.rb
@@ -284,6 +284,7 @@ def raw_connect_v4(options = {})
       # values, so we need to check the value passed and make a list only if it won't be empty. If it will be empty then
       # we should just pass 'nil'.
       ca_certs = options[:ca_certs]
+      ca_certs = nil if ca_certs.blank?
       ca_certs = [ca_certs] if ca_certs
 
       url = URI::Generic.build(
@@ -310,6 +311,11 @@ def raw_connect_v3(options = {})
       require 'manageiq/providers/ovirt/legacy/inventory'
       Ovirt.logger = $rhevm_log
 
+      # If 'ca_certs' is an empty string then the 'ovirt' gem will trust nothing, but we want it to trust the system CA
+      # certificates. To get that behaviour we need to pass 'nil' instead of the empty string.
+      ca_certs = options[:ca_certs]
+      ca_certs = nil if ca_certs.blank?
+
       params = {
         :server     => options[:server],
         :port       => options[:port].presence && options[:port].to_i,
@@ -317,7 +323,7 @@ def raw_connect_v3(options = {})
         :username   => options[:username],
         :password   => options[:password],
         :verify_ssl => options[:verify_ssl],
-        :ca_certs   => options[:ca_certs]
+        :ca_certs   => ca_certs
       }
 
       read_timeout, open_timeout = ems_timeouts(:ems_redhat, options[:service])