diff --git a/core/src/main/java/hudson/model/Hudson.java b/core/src/main/java/hudson/model/Hudson.java
index d952feef8f904c0a56aaa15681621081253218b1..cff9468310095855a442f84e64a12b9a82c398dd 100644
--- a/core/src/main/java/hudson/model/Hudson.java
+++ b/core/src/main/java/hudson/model/Hudson.java
@@ -2612,6 +2612,11 @@ public class Hudson extends Node implements ItemGroup, StaplerProx
 }
 }
 
+ /**
+ * Gets the {@link CrumbIssuer} currently in use.
+ *
+ * @return null if none is in use.
+ */
 public CrumbIssuer getCrumbIssuer() {
 return crumbIssuer;
 }
diff --git a/core/src/main/java/hudson/security/csrf/CrumbIssuer.java b/core/src/main/java/hudson/security/csrf/CrumbIssuer.java
index fce5b3ce74381e008d0e6ed35a29b782e1011b56..b56553ba26d9db5ca4eceeef2e43bf539039df35 100644
--- a/core/src/main/java/hudson/security/csrf/CrumbIssuer.java
+++ b/core/src/main/java/hudson/security/csrf/CrumbIssuer.java
@@ -7,7 +7,10 @@ package hudson.security.csrf;
 import javax.servlet.ServletRequest;
+import hudson.init.Initializer;
 import org.kohsuke.stapler.Stapler;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.WebApp;
 import org.kohsuke.stapler.export.Exported;
 import org.kohsuke.stapler.export.ExportedBean;
@@ -152,4 +155,29 @@ public abstract class CrumbIssuer implements Describable, Extension
 public Api getApi() {
 return new Api(this);
 }
+
+ /**
+ * Sets up Stapler to use our crumb issuer.
+ */
+ @Initializer
+ public static void initStaplerCrumbIssuer() {
+ WebApp.get(Hudson.getInstance().servletContext).setCrumbIssuer(new org.kohsuke.stapler.CrumbIssuer() {
+ @Override
+ public String issueCrumb(StaplerRequest request) {
+ CrumbIssuer ci = Hudson.getInstance().getCrumbIssuer();
+ return ci!=null ? ci.getCrumb(request) : DEFAULT.issueCrumb(request);
+ }
+
+ @Override
+ public void validateCrumb(StaplerRequest request, String submittedCrumb) {
+ CrumbIssuer ci = Hudson.getInstance().getCrumbIssuer();
+ if (ci==null) {
+ DEFAULT.validateCrumb(request,submittedCrumb);
+ } else {
+ if (!ci.validateCrumb(request, ci.getDescriptor().getCrumbSalt(), submittedCrumb))
+ throw new SecurityException("Crumb didn't match");
+ }
+ }
+ });
+ }
 }
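Review bot: The Javadoc on `initStaplerCrumbIssuer` ("Sets up Stapler to use our crumb issuer.") omits the contract the body actually establishes: the installed Stapler issuer delegates to whatever `Hudson.getInstance().getCrumbIssuer()` returns at call time, falls back to Stapler's `DEFAULT` issuer when that is null, and reports a mismatch by throwing `SecurityException` — state those three facts in the doc comment so callers and CSRF reviewers do not have to read the anonymous class. The per-call lookup in both overrides looks deliberate rather than accidental (an issuer configured after startup would be honoured), and deserves a why-comment such as `// looked up on every call so a CrumbIssuer configured after startup takes effect — confirm this is intended`. In `validateCrumb`, the second `if` nested inside `else` and the unspaced `ci!=null`/`ci==null`/`request,submittedCrumb` read differently from the rest of the class; flatten it to `} else if (!ci.validateCrumb(request, ci.getDescriptor().getCrumbSalt(), submittedCrumb)) {` followed by `throw new SecurityException("Crumb didn't match");` and add the operator spaces. The initializer dereferences `Hudson.getInstance().servletContext` with no ordering constraint on `@Initializer`; if the init framework can schedule this before Hudson is attached to its servlet context, startup fails with a NullPointerException, so it is worth confirming the annotation's ordering guarantees and pinning an explicit milestone if one is available.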