diff --git a/config/config.sample.php b/config/config.sample.php
index 7ba3977fe3acf58e52eb42bac11e73cd17b59e49..8e0d89f93dde8dc54f9eaf06c138ff84917c0e1e 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -846,6 +846,11 @@ $CONFIG = array(
 	'config' => '/absolute/location/of/openssl.cnf',
 ),
 
+/**
+ * Allow the configuration of system wide trusted certificates
+ */
+'enable_certificate_management' => false,
+
 /**
  * Memory caching backend configuration
  *
diff --git a/settings/admin.php b/settings/admin.php
index 7bd3760b6ce906a4156397af765463fecc0ae5e2..7416e798a8f4ee19729b0df3939d6493ee4d7b06 100644
--- a/settings/admin.php
+++ b/settings/admin.php
@@ -158,12 +158,14 @@ $template->assign('OutdatedCacheWarning', $outdatedCaches);
 // add hardcoded forms from the template
 $forms = OC_App::getForms('admin');
 
-$certificatesTemplate = new OC_Template('settings', 'certificates');
-$certificatesTemplate->assign('type', 'admin');
-$certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addSystemRootCertificate');
-$certificatesTemplate->assign('certs', $certificateManager->listCertificates());
-$certificatesTemplate->assign('urlGenerator', $urlGenerator);
-$forms[] = $certificatesTemplate->fetchPage();
+if ($config->getSystemValue('enable_certificate_management', false)) {
+	$certificatesTemplate = new OC_Template('settings', 'certificates');
+	$certificatesTemplate->assign('type', 'admin');
+	$certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addSystemRootCertificate');
+	$certificatesTemplate->assign('certs', $certificateManager->listCertificates());
+	$certificatesTemplate->assign('urlGenerator', $urlGenerator);
+	$forms[] = $certificatesTemplate->fetchPage();
+}
 
 $formsAndMore = array();
 if ($request->getServerProtocol()  !== 'https' || !OC_Util::isAnnotationsWorking() ||