diff --git a/patches/boringssl/.patches b/patches/boringssl/.patches
index 35e773ad74db6..d99a7f6c51d57 100644
--- a/patches/boringssl/.patches
+++ b/patches/boringssl/.patches
@@ -1,3 +1,4 @@
 expose_ripemd160.patch
 expose_aes-cfb.patch
 expose_des-ede3.patch
+enable_x509_v_flag_trusted_first_flag.patch
diff --git a/patches/boringssl/enable_x509_v_flag_trusted_first_flag.patch b/patches/boringssl/enable_x509_v_flag_trusted_first_flag.patch
new file mode 100644
index 0000000000000..5c3c96ccb3f4e
--- /dev/null
+++ b/patches/boringssl/enable_x509_v_flag_trusted_first_flag.patch
@@ -0,0 +1,20 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Juan Cruz Viotti
+Date: Thu, 30 Sep 2021 13:39:23 -0400
+Subject: Enable X509_V_FLAG_TRUSTED_FIRST flag
+
+Signed-off-by: Juan Cruz Viotti
+
+diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
+index 5a881d64c30076404cc800fff9e943bb0b30d2ac..29d5341efc8eb7ae6f90bdde5a8032e99f75c98e 100644
+--- a/crypto/x509/x509_vpm.c
++++ b/crypto/x509/x509_vpm.c
+@@ -528,7 +528,7 @@ static const X509_VERIFY_PARAM default_table[] = {
+ (char *)"default", /* X509 default parameters */
+ 0, /* Check time */
+ 0, /* internal flags */
+- 0, /* flags */
++ X509_V_FLAG_TRUSTED_FIRST, /* flags */
+ 0, /* purpose */
+ 0, /* trust */
+ 100, /* depth */
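Review bot: The new patch file changes the library-wide default certificate-verification flags in the `"default"` entry of `default_table`, but its message is only a subject line, so nothing records why chain building should now prefer trust-store issuers over the certificates the peer supplies. I would add a short body to the patch naming the failure it addresses (presumably peers still sending a chain through an expired certificate while a valid trusted path exists; please confirm) and stating that it alters path selection for every consumer of the default `X509_VERIFY_PARAM`. The inline comment could also say what the value does, e.g. `X509_V_FLAG_TRUSTED_FIRST, /* flags: try trust-store issuers before untrusted chain certs */`. The table continues outside the hunk, so it is worth confirming that the named entries after `"default"` pick this flag up through parameter inheritance rather than keeping `0`. A verification test covering both a chain with an expired alternate path and a chain that must still be rejected would pin the intended behaviour.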