diff --git a/cmd/console/server.go b/cmd/console/server.go
index 2b4e2b37f..e3dd47435 100644
--- a/cmd/console/server.go
+++ b/cmd/console/server.go
@@ -23,6 +23,8 @@ import (
 "path/filepath"
 "time"
+ xcerts "github.com/minio/pkg/certs"
+
 "github.com/go-openapi/loads"
 "github.com/jessevdk/go-flags"
 "github.com/minio/cli"
@@ -135,9 +137,12 @@ func loadAllCerts(ctx *cli.Context) error {
 if err = certs.MkdirAllIgnorePerm(certs.GlobalCertsCADir.Get()); err != nil {
 return fmt.Errorf("unable to create certs CA directory at %s: with %w", certs.GlobalCertsCADir.Get(), err)
 }
-
+ var manager *xcerts.Manager
 // load the certificates and the CAs
- restapi.GlobalRootCAs, restapi.GlobalPublicCerts, restapi.GlobalTLSCertsManager = certs.GetAllCertificatesAndCAs()
+ restapi.GlobalRootCAs, restapi.GlobalPublicCerts, manager = certs.GetAllCertificatesAndCAs()
+ restapi.GlobalTLSCertsManager = &certs.TLSCertsManager{
+ Manager: manager,
+ }
 {
 // TLS flags from swagger server, used to support VMware vsphere operator version.
@@ -146,8 +151,7 @@ func loadAllCerts(ctx *cli.Context) error {
 swaggerServerCACertificate := ctx.String("tls-ca")
 // load tls cert and key from swagger server tls-certificate and tls-key flags
 if swaggerServerCertificate != "" && swaggerServerCertificateKey != "" {
- if err = certs.AddCertificate(context.Background(),
- restapi.GlobalTLSCertsManager, swaggerServerCertificate, swaggerServerCertificateKey); err != nil {
+ if err = restapi.GlobalTLSCertsManager.AddCertificate(context.Background(), swaggerServerCertificate, swaggerServerCertificateKey); err != nil {
 return err
 }
 if x509Certs, err := certs.ParsePublicCertFile(swaggerServerCertificate); err == nil {
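Review bot: `restapi.GlobalTLSCertsManager` is now always a non-nil `&certs.TLSCertsManager{}`, even when `certs.GetAllCertificatesAndCAs()` returned a nil manager, so the `GlobalTLSCertsManager != nil` guard in the configureTLS hunk of restapi/configure_console.go no longer detects the no-certificate case and takes `GetCertificate` as a method value through a nil embedded `*xcerts.Manager`. Either leave the global nil when `manager == nil` (and make the AddCertificate call in the next hunk cope with a nil receiver), or change that guard to `if GlobalTLSCertsManager != nil && GlobalTLSCertsManager.Manager != nil {`. Whether a nil `*xcerts.Manager` tolerates GetCertificate is not visible here, but the old guard existed precisely so that this was not discovered at handshake time. loadAllCerts continues outside the hunk.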
@@ -170,8 +174,8 @@ func loadAllCerts(ctx *cli.Context) error {
 // StartServer starts the console service
 func StartServer(ctx *cli.Context) error {
 if err := loadAllCerts(ctx); err != nil {
+ // Log this as a warning and continue running console without TLS certificates
 restapi.LogError("Unable to load certs: %v", err)
- return err
 }
 var rctx restapi.Context
diff --git a/pkg/certs/certs.go b/pkg/certs/certs.go
index 630e87e8c..a334c3fa4 100644
--- a/pkg/certs/certs.go
+++ b/pkg/certs/certs.go
@@ -327,13 +327,18 @@ func GetAllCertificatesAndCAs() (*x509.CertPool, []*x509.Certificate, *xcerts.Ma
 return GlobalRootCAs, globalPublicCerts, globalTLSCertsManager
 }
+// TLSCertsManager custom TLS Manager for SNI support
+type TLSCertsManager struct {
+ *xcerts.Manager
+}
+
 // AddCertificate check if Manager is initialized and then append a new certificate to it
-func AddCertificate(ctx context.Context, manager *xcerts.Manager, publicKey, privateKey string) (err error) {
+func (m *TLSCertsManager) AddCertificate(ctx context.Context, publicKey, privateKey string) (err error) {
 // If Cert Manager is not nil add more certificates
- if manager != nil {
- return manager.AddCertificate(publicKey, privateKey)
+ if m.Manager != nil {
+ return m.Manager.AddCertificate(publicKey, privateKey)
 }
 // Initialize cert manager
- manager, err = xcerts.NewManager(ctx, publicKey, privateKey, LoadX509KeyPair)
+ m.Manager, err = xcerts.NewManager(ctx, publicKey, privateKey, LoadX509KeyPair)
 return err
 }
diff --git a/restapi/config.go b/restapi/config.go
index 29ce062e5..92c0ccf27 100644
--- a/restapi/config.go
+++ b/restapi/config.go
@@ -24,7 +24,7 @@ import (
 "strings"
 "time"
- "github.com/minio/pkg/certs"
+ "github.com/minio/console/pkg/certs"
 "github.com/minio/pkg/env"
 )
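Review bot: Dropping `return err` makes every loadAllCerts failure non-fatal, including a `tls-certificate`/`tls-key` pair the operator explicitly passed that fails in AddCertificate (the previous server.go hunk), so a process that was asked to serve with a specific certificate now starts without it and only a log line says so. The new comment calls this a warning while the call is `restapi.LogError`; if the intent is best-effort loading of the default cert directories, keep that non-fatal but have loadAllCerts wrap the explicit-flag failure distinguishably and return it here. What the console does when no certificate was loaded (plain listener, or handshake failures) is not visible in this diff and is what the comment should state. StartServer continues outside the hunk.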
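Review bot: `AddCertificate` dereferences its receiver on its first statement (`m.Manager`), so a nil `*TLSCertsManager` panics rather than returning an error; add `if m == nil { return errors.New("tls certs manager is nil") }` before the check (the error package this file uses is not visible here). The first call also assigns `m.Manager` lazily, while configureTLS in restapi/configure_console.go takes `GetCertificate` as a method value through the embedded pointer, which binds whatever `*xcerts.Manager` is present at that moment; any AddCertificate after the TLS config has been built leaves the config bound to the old, possibly nil, manager. A doc comment on the type, e.g. `// TLSCertsManager wraps xcerts.Manager; Manager is nil until the first AddCertificate, and all certificates must be added before the tls.Config is built from it`, would capture both constraints.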
@@ -276,7 +276,7 @@ var (
 // GlobalPublicCerts has certificates Console will use to serve clients
 GlobalPublicCerts []*x509.Certificate
 // GlobalTLSCertsManager custom TLS Manager for SNI support
- GlobalTLSCertsManager *certs.Manager
+ GlobalTLSCertsManager *certs.TLSCertsManager
 )
 // getK8sSAToken assumes the plugin is running inside a k8s pod and extract the current service account from the
diff --git a/restapi/configure_console.go b/restapi/configure_console.go
index aa359038c..5c497cf29 100644
--- a/restapi/configure_console.go
+++ b/restapi/configure_console.go
@@ -21,6 +21,7 @@ package restapi
 import (
 "bytes"
 "crypto/tls"
+ "crypto/x509"
 "io"
 "io/fs"
 "net/http"
@@ -141,13 +142,21 @@ func configureAPI(api *operations.ConsoleAPI) http.Handler {
 // The TLS configuration before HTTPS server starts.
 func configureTLS(tlsConfig *tls.Config) {
- if GlobalRootCAs != nil {
- // Add the global public crts as part of global root CAs
- for _, publicCrt := range GlobalPublicCerts {
- GlobalRootCAs.AddCert(publicCrt)
- }
- tlsConfig.RootCAs = GlobalRootCAs
+ if GlobalRootCAs == nil {
+ GlobalRootCAs = &x509.CertPool{}
 }
 // Add the global public crts as part of global root CAs
+ for _, publicCrt := range GlobalPublicCerts {
+ // Add certificates to swagger TLS configuration
+ tlsConfig.Certificates = append(tlsConfig.Certificates, tls.Certificate{
+ Certificate: [][]byte{publicCrt.Raw},
+ Leaf: publicCrt,
+ })
+ GlobalRootCAs.AddCert(publicCrt)
+ }
+
+ tlsConfig.RootCAs = GlobalRootCAs
+
 if GlobalTLSCertsManager != nil {
 tlsConfig.GetCertificate = GlobalTLSCertsManager.GetCertificate
 }
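Review bot: `GlobalRootCAs = &x509.CertPool{}` builds a pool whose internal maps are nil, and the `GlobalRootCAs.AddCert(publicCrt)` in the loop below panics on it as soon as `GlobalPublicCerts` is non-empty; the zero value is not documented as usable, so this should be `GlobalRootCAs = x509.NewCertPool()`. The `tls.Certificate` built from `publicCrt.Raw` carries no `PrivateKey`, so it cannot complete a server handshake: if `GetCertificate` is nil or returns nothing, crypto/tls selects one of these entries and fails when it tries to sign with the missing key, so serving certificates should come only from the manager that holds the key pairs. `RootCAs` on a tls.Config is what a client uses to verify servers; if the goal is verifying client certificates that field is `ClientCAs`, and if it is outbound connections it belongs on the client config — which of these is intended is not visible here and deserves a comment on the assignment. configureTLS is fully inside the hunk.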