Systems and methods to build a trusted HTTPS session on a limited pre-boot BIOS environment in an information handling system. The information handling system may include a BIOS that may be stored in a secure read-only region of a flash storage. The BIOS may download signed certification authority (CA) information from a server based on a target location that may be stored at the secure read-only region. The BIOS may authenticate the signed CA information based on a public key that may be stored at the secure read-only region. The BIOS may, when the signed CA information is authenticated, download a root CA chain from the server and authenticate the root CA chain. The BIOS may, when the root CA chain is authenticated, establish a secure encrypted transport layer security (TLS) session with the server based the root CA chain.