diff --git a/Dockerfile b/Dockerfile
index 5202e8b7b..140a30340 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,14 @@
 ARG DEBIAN_IMAGE=debian:stable-slim
 ARG BASE=gcr.io/distroless/static-debian12:nonroot
-FROM --platform=$BUILDPLATFORM ${DEBIAN_IMAGE} AS build
-SHELL [ "/bin/sh", "-ec" ]
 
-RUN export DEBCONF_NONINTERACTIVE_SEEN=true \
-           DEBIAN_FRONTEND=noninteractive \
-           DEBIAN_PRIORITY=critical \
-           TERM=linux ; \
-    apt-get -qq update ; \
-    apt-get -qq upgrade ; \
-    apt-get -qq --no-install-recommends install ca-certificates libcap2-bin; \
-    apt-get clean
+FROM --platform=$BUILDPLATFORM ${DEBIAN_IMAGE} AS build
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt-get -qq update \
+    && apt-get -qq --no-install-recommends install libcap2-bin
 COPY coredns /coredns
 RUN setcap cap_net_bind_service=+ep /coredns
 
-FROM --platform=$TARGETPLATFORM ${BASE}
-COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+FROM ${BASE}
 COPY --from=build /coredns /coredns
 USER nonroot:nonroot
 # Reset the working directory inherited from the base image back to the expected default: