diff --git a/server/setup-database.js b/server/setup-database.js
index 7ec9ceb05..d704caac5 100644
--- a/server/setup-database.js
+++ b/server/setup-database.js
@@ -207,6 +207,11 @@ class SetupDatabase {
                         return;
                     }
 
+                    // Prevent someone from injecting a CA file path not generated by the code below
+                    if (dbConfig.caFilePath) {
+                        dbConfig.caFilePath = undefined;
+                    }
+
                     if (dbConfig.caFile) {
                         const base64Data = dbConfig.caFile.replace(/^data:application\/octet-stream;base64,/, "");
                         console.log(dbConfig);