diff --git a/deploy/ocs-operator/manifests/cluster_monitoring_view_prometheus_k8s_role_binding.yaml b/deploy/ocs-operator/manifests/cluster_monitoring_view_prometheus_k8s_role_binding.yaml
new file mode 100644
index 0000000000..8fc5936266
--- /dev/null
+++ b/deploy/ocs-operator/manifests/cluster_monitoring_view_prometheus_k8s_role_binding.yaml
@@ -0,0 +1,11 @@
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: prometheus-k8s-cluster-monitoring-view
+subjects:
+- kind: ServiceAccount
+  name: prometheus-k8s
+roleRef:
+  kind: ClusterRole
+  name: cluster-monitoring-view
+  apiGroup: rbac.authorization.k8s.io
diff --git a/rbac/cluster_monitoring_view_prometheus_k8s_role_binding.yaml b/rbac/cluster_monitoring_view_prometheus_k8s_role_binding.yaml
new file mode 100644
index 0000000000..8fc5936266
--- /dev/null
+++ b/rbac/cluster_monitoring_view_prometheus_k8s_role_binding.yaml
@@ -0,0 +1,11 @@
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: prometheus-k8s-cluster-monitoring-view
+subjects:
+- kind: ServiceAccount
+  name: prometheus-k8s
+roleRef:
+  kind: ClusterRole
+  name: cluster-monitoring-view
+  apiGroup: rbac.authorization.k8s.io
diff --git a/templates/k8smetricsservicemonitor.go b/templates/k8smetricsservicemonitor.go
index 2f0d61d4ee..516d75e8fe 100644
--- a/templates/k8smetricsservicemonitor.go
+++ b/templates/k8smetricsservicemonitor.go
@@ -52,8 +52,10 @@ var K8sMetricsServiceMonitorSpecTemplate = promv1.ServiceMonitorSpec{
 			},
 			TLSConfig: &promv1.TLSConfig{
 				SafeTLSConfig: promv1.SafeTLSConfig{
-					InsecureSkipVerify: ptr.To(true),
+					InsecureSkipVerify: ptr.To(false),
+					ServerName:         ptr.To("prometheus-k8s.openshift-monitoring.svc"),
 				},
+				CAFile: "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt",
 			},
 			Params:          params,
 			BearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token",