diff --git a/initscripts-config/centos/build_srpm.data b/initscripts-config/centos/build_srpm.data
index da1e20b..2c3b2cb 100644
--- a/initscripts-config/centos/build_srpm.data
+++ b/initscripts-config/centos/build_srpm.data
@@ -1,2 +1,2 @@
 SRC_DIR="files"
-TIS_PATCH_VER=0
+TIS_PATCH_VER=1
diff --git a/initscripts-config/files/sysctl.conf b/initscripts-config/files/sysctl.conf
index 54feda4..198716e 100644
--- a/initscripts-config/files/sysctl.conf
+++ b/initscripts-config/files/sysctl.conf
@@ -97,3 +97,11 @@ net.ipv4.tcp_retries2 = 8
 # that will cause the tiller pod to crash when the port is assigned to
 # another client/server
 net.ipv4.ip_local_reserved_ports=35357,44134-44136
+
+# Set a global limit on the number of negative dentries.  This is in units
+# of 0.1 %, so a value of 20 represents 2% of all memory.
+# We know of an issue with curl to an https endpoint when using nss versions
+# older than 3.52 which can cause unlimited negative dentry growth.  We fixed
+# it in the code we control, but this will keep the number at a reasonable
+# size if an application is poorly behaved.
+fs.negative-dentry-limit=20
diff --git a/setup-config/centos/build_srpm.data b/setup-config/centos/build_srpm.data
index da1e20b..2c3b2cb 100644
--- a/setup-config/centos/build_srpm.data
+++ b/setup-config/centos/build_srpm.data
@@ -1,2 +1,2 @@
 SRC_DIR="files"
-TIS_PATCH_VER=0
+TIS_PATCH_VER=1
diff --git a/setup-config/files/custom.sh b/setup-config/files/custom.sh
index 37a7273..ddb4979 100644
--- a/setup-config/files/custom.sh
+++ b/setup-config/files/custom.sh
@@ -1 +1,7 @@
 export TMOUT=900
+
+# This is to work around a bug in curl with https
+# endpoints when using nss versions less than 3.52.
+# Without this it creates many negative dentries
+# each time it is called.
+export NSS_SDB_USE_CACHE=no