diff --git a/.ci/docker/Dockerfile.aca-rocky b/.ci/docker/Dockerfile.aca-rocky
index ce213f75..5a395382 100644
--- a/.ci/docker/Dockerfile.aca-rocky
+++ b/.ci/docker/Dockerfile.aca-rocky
@@ -84,4 +84,4 @@ HEALTHCHECK --start-period=50s --interval=1s --timeout=90s CMD curl -f https://l
 WORKDIR /hirs
 # On container launch, the database will be set up. Then bootRun should utilize build artifacts stored in the image.
-CMD ["bash", "-c", "/hirs/package/linux/aca/aca_setup.sh --unattended && /tmp/hirs_add_aca_tls_path_to_os.sh && /hirs/package/linux/aca/aca_bootRun.sh"]
\ No newline at end of file
+CMD ["bash", "-c", "/hirs/package/linux/aca/aca_check_env.sh && /hirs/package/linux/aca/aca_setup.sh --unattended && /tmp/hirs_add_aca_tls_path_to_os.sh && /hirs/package/linux/aca/aca_bootRun.sh"]
\ No newline at end of file
diff --git a/package/linux/aca/aca_check_env.sh b/package/linux/aca/aca_check_env.sh
new file mode 100755
index 00000000..25d5e358
--- /dev/null
+++ b/package/linux/aca/aca_check_env.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+# Imported /etc/hirs should only be used if one doesn't exist
+if [ ! -d "/etc/hirs" ]; then
+ if [ -n "${HIRS_USE_IMPORTED_ETC_HIRS}" ]; then
+ IMPORTED_ETC_HIRS_PATH="${HIRS_USE_IMPORTED_ETC_HIRS}"
+
+ if [ -d "$IMPORTED_ETC_HIRS_PATH" ]; then
+ cp -r "$IMPORTED_ETC_HIRS_PATH" /etc/hirs
+
+ find /etc/hirs -type d -exec chown root:root {} +
+ find /etc/hirs/certificates -type d -exec chown :mysql {} +
+ find /etc/hirs -type d -exec chmod -R g+rx {} +
+ find /etc/hirs -type f -exec chmod -R 644 {} +
+ chmod 755 /etc/hirs
+ fi
+ fi
+fi
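Review bot: The comment above the CMD still describes only database setup and bootRun, although the chain now starts with aca_check_env.sh, which installs an imported /etc/hirs when HIRS_USE_IMPORTED_ETC_HIRS is set. I would extend it, for example `# On container launch, an imported /etc/hirs (HIRS_USE_IMPORTED_ETC_HIRS) is installed if none exists; then the database is set up.` Because the steps are joined with `&&`, a non-zero exit from the new script stops the container before aca_setup.sh runs, which is worth stating in the same comment.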
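Review bot: The `find /etc/hirs -type f -exec chmod -R 644 {} +` line makes every imported file world-readable, which would cover any private keys or credential-bearing property files in the imported tree (the contents of /etc/hirs are not visible in this diff, but the certificates subdirectory suggests key material). Since only directories are given group mysql, mysql can currently read files only through the other-read bit; giving the files it needs group mysql and mode 640 would avoid depending on that. Separately, when HIRS_USE_IMPORTED_ETC_HIRS is set but is not a directory, the script exits 0 without a message and the `&&` chain continues to aca_setup.sh as if no import had been requested; an `else` branch such as `echo "HIRS_USE_IMPORTED_ETC_HIRS=$IMPORTED_ETC_HIRS_PATH is not a directory" >&2; exit 1` would surface the misconfiguration. The `-R` on both chmod calls is redundant under find, and on the directory pass it also sets g+rx on files before the 644 pass resets them.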