diff --git a/api/crypto/tls.go b/api/crypto/tls.go
index 3d22091d8..976e1a075 100644
--- a/api/crypto/tls.go
+++ b/api/crypto/tls.go
@@ -12,30 +12,28 @@ import (
 func CreateTLSConfiguration(config *portainer.TLSConfiguration) (*tls.Config, error) {
 	TLSConfig := &tls.Config{}
 
-	if config.TLS {
-		if config.TLSCertPath != "" && config.TLSKeyPath != "" {
-			cert, err := tls.LoadX509KeyPair(config.TLSCertPath, config.TLSKeyPath)
-			if err != nil {
-				return nil, err
-			}
-
-			TLSConfig.Certificates = []tls.Certificate{cert}
+	if config.TLSCertPath != "" && config.TLSKeyPath != "" {
+		cert, err := tls.LoadX509KeyPair(config.TLSCertPath, config.TLSKeyPath)
+		if err != nil {
+			return nil, err
 		}
 
-		if !config.TLSSkipVerify {
-			caCert, err := ioutil.ReadFile(config.TLSCACertPath)
-			if err != nil {
-				return nil, err
-			}
-
-			caCertPool := x509.NewCertPool()
-			caCertPool.AppendCertsFromPEM(caCert)
-
-			TLSConfig.RootCAs = caCertPool
-		}
-
-		TLSConfig.InsecureSkipVerify = config.TLSSkipVerify
+		TLSConfig.Certificates = []tls.Certificate{cert}
 	}
 
+	if !config.TLSSkipVerify {
+		caCert, err := ioutil.ReadFile(config.TLSCACertPath)
+		if err != nil {
+			return nil, err
+		}
+
+		caCertPool := x509.NewCertPool()
+		caCertPool.AppendCertsFromPEM(caCert)
+
+		TLSConfig.RootCAs = caCertPool
+	}
+
+	TLSConfig.InsecureSkipVerify = config.TLSSkipVerify
+
 	return TLSConfig, nil
 }