diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index bb614897c..91d980e5d 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-SITE_PKG_DIR=${SITE_PKG_DIR:="$(python3 -c 'import site; print(site.getsitepackages())')"}
+set -euo pipefail
 
 if [[ "${SET_HOSTID_TO_HOSTNAME}" == "true" ]]; then
     echo "Setting ANCHORE_HOST_ID to ${HOSTNAME}"
@@ -8,11 +8,11 @@ if [[ "${SET_HOSTID_TO_HOSTNAME}" == "true" ]]; then
 fi
 
 # check if /home/anchore/certs/ exists & has files in it
-if [[ -d "/home/anchore/certs" ]] && [[ ! -z "$(ls -A /home/anchore/certs)" ]]; then
+if [[ -d "/home/anchore/certs" ]] && [[ -n "$(ls -A /home/anchore/certs)" ]]; then
     mkdir -p /home/anchore/certs_override/python
     mkdir -p /home/anchore/certs_override/os
     ### for python
-    cp $SITE_PKG_DIR/certifi/cacert.pem /home/anchore/certs_override/python/cacert.pem
+    cp "$(python3 -m certifi)" /home/anchore/certs_override/python/cacert.pem
     for file in /home/anchore/certs/*; do
         if grep -q 'BEGIN CERTIFICATE' "${file}"; then
             cat "${file}" >> /home/anchore/certs_override/python/cacert.pem