diff --git a/image/rhel/Dockerfile b/image/rhel/Dockerfile
index 52700d69fb35a..01e7801f260a2 100644
--- a/image/rhel/Dockerfile
+++ b/image/rhel/Dockerfile
@@ -1,12 +1,13 @@
 ARG BASE_REGISTRY=registry.access.redhat.com
-ARG BASE_IMAGE=ubi8/ubi
+ARG BASE_IMAGE=ubi8-micro
 ARG BASE_TAG=8.5
 
-FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} AS extracted_bundle
+FROM ${BASE_REGISTRY}/ubi8/ubi:${BASE_TAG} AS extracted_bundle
 
 COPY bundle.tar.gz /
 WORKDIR /bundle
 RUN tar -zxf /bundle.tar.gz
+RUN dnf install -y lz4-libs bzip2-libs /bundle/snappy.rpm --nodocs
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 
@@ -29,31 +30,25 @@ COPY --from=extracted_bundle /bundle/stackrox/ /stackrox/
 COPY --from=extracted_bundle /bundle/THIRD_PARTY_NOTICES/ /THIRD_PARTY_NOTICES/
 COPY --from=extracted_bundle /bundle/ui/ /ui/
 COPY --from=extracted_bundle /bundle/usr/local/bin/ldb /usr/local/bin/
-COPY --from=extracted_bundle /bundle/snappy.rpm /tmp/
 COPY --from=extracted_bundle /bundle/go/ /go/
+COPY --from=extracted_bundle /usr/lib64/liblz4.so.1 /usr/lib64/liblz4.so.1
+COPY --from=extracted_bundle /usr/lib64/libbz2.so.1 /usr/lib64/libbz2.so.1
+COPY --from=extracted_bundle /usr/lib64/libsnappy.so.1 /usr/lib64/libsnappy.so.1
+COPY --from=extracted_bundle /usr/lib64/libstdc++.so.6 /usr/lib64/libstdc++.so.6
+COPY --from=extracted_bundle /usr/lib64/libzstd.so.1 /usr/lib64/libzstd.so.1
+COPY --from=extracted_bundle /usr/lib64/libz.so.1 /usr/lib64/libz.so.1
+COPY --from=extracted_bundle /usr/lib64/libgcc_s.so.1 /usr/lib64/libgcc_s.so.1
 
 RUN ln -s entrypoint-wrapper.sh /stackrox/admission-control && \
     ln -s entrypoint-wrapper.sh /stackrox/compliance && \
     ln -s entrypoint-wrapper.sh /stackrox/kubernetes-sensor && \
     ln -s entrypoint-wrapper.sh /stackrox/sensor-upgrader && \
     ln -s /assets/downloads/cli/roxctl-linux /stackrox/roxctl && \
-    rpm --import RPM-GPG-KEY-CentOS-Official && \
-    dnf upgrade -y && \
-    dnf install -y lz4 bzip2 /tmp/snappy.rpm && \
-    dnf clean all && \
-    rm /tmp/snappy.rpm RPM-GPG-KEY-CentOS-Official && \
-    # (Optional) Remove line below to keep package management utilities
-    rpm -e --nodeps $(rpm -qa curl '*rpm*' '*dnf*' '*libsolv*' '*hawkey*' 'yum*') && \
-    rm -rf /var/cache/dnf && \
-    # The contents of paths mounted as emptyDir volumes in Kubernetes are saved
-    # by the script `save-dir-contents` during the image build. The directory
-    # contents are then restored by the script `restore-all-dir-contents`
-    # during the container start.
-    chown -R 4000:4000 /etc/pki /etc/ssl && save-dir-contents /etc/pki/ca-trust /etc/ssl && \
     mkdir -p /var/lib/stackrox && chown -R 4000:4000 /var/lib/stackrox && \
     mkdir -p /var/log/stackrox && chown -R 4000:4000 /var/log/stackrox && \
     mkdir -p /var/cache/stackrox && chown -R 4000:4000 /var/cache/stackrox && \
-    chown -R 4000:4000 /tmp
+    mkdir -p /etc/pki /etc/ssl && \
+    chown -R 4000:4000 /tmp /etc/pki /etc/ssl
 
 EXPOSE 8443