diff --git a/src/main/helm/templates/cert_issuer.yaml b/src/main/helm/templates/cert_issuer.yaml
index 1e87578410a3e22f53f67ff24e35427587b9d3d5..34f56bce9f67c2880a417598b966be799298dd38 100644
--- a/src/main/helm/templates/cert_issuer.yaml
+++ b/src/main/helm/templates/cert_issuer.yaml
@@ -22,10 +22,12 @@
 # unter der Lizenz sind dem Lizenztext zu entnehmen.
 #
 
+{{- if not .Values.disableGrpcServerTls }}
 apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
   name: user-manager-issuer
   namespace: {{ include "app.namespace" . }}
 spec:
-  selfSigned: {}
\ No newline at end of file
+  selfSigned: {}
+{{- end }}
\ No newline at end of file
diff --git a/src/main/helm/templates/certificate.yaml b/src/main/helm/templates/certificate.yaml
index 02e60de385e513b9fd1450e9a48876b3cf5b8d56..f90349548a71d69b31262afee0286939b5732c14 100644
--- a/src/main/helm/templates/certificate.yaml
+++ b/src/main/helm/templates/certificate.yaml
@@ -22,6 +22,7 @@
 # unter der Lizenz sind dem Lizenztext zu entnehmen.
 #
 
+{{- if not .Values.disableGrpcServerTls }}
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -41,4 +42,5 @@ spec:
     - "{{ include "app.name" . }}.{{ include "app.namespace" . }}.svc.cluster"
     - "{{ include "app.name" . }}.{{ include "app.namespace" . }}.svc"
     - "{{ include "app.name" . }}.{{ include "app.namespace" . }}"
-    - "{{ include "app.name" . }}"
\ No newline at end of file
+    - "{{ include "app.name" . }}"
+{{- end }}
\ No newline at end of file
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index 346ee183251aac415d827ba477a6ca4c4a8bb6f1..b4d2267689e4a712b65a0ea873c698de03d5c63d 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -107,6 +107,12 @@ spec:
         {{- end }}
         - name: QUARKUS_HTTP_CORS_ORIGINS
           value: {{ (include "app.alfaAddress" .) }}
+        {{- if .Values.disableGrpcServerTls }}
+        - name: QUARKUS_GRPC_SERVER_SSL_CERTIFICATE
+          value: ""
+        - name: QUARKUS_GRPC_SERVER_SSL_KEY
+          value: ""
+        {{- end }}
         {{- with (.Values.env).customList }}
 {{ toYaml . | indent 8 }}
         {{- end }}
@@ -169,7 +175,9 @@ spec:
         terminationMessagePath: /dev/termination-log
         terminationMessagePolicy: File
         tty: true
+        {{- if or (not .Values.disableGrpcServerTls) .Values.optionalTrustStoreSecretName }}
         volumeMounts:
+          {{- if not .Values.disableGrpcServerTls }}
           - name: user-manager-tls-certificate
             mountPath: "/user-manager-tls-certificate/tls.crt"
             subPath: tls.crt
@@ -178,21 +186,27 @@ spec:
             mountPath: "/user-manager-tls-certificate/tls.key"
             subPath: tls.key
             readOnly: true
+          {{- end }}
           {{- if .Values.optionalTrustStoreSecretName }}
           - name: optional-trust-store
             mountPath: "/optional-trust-store/truststore.jks"
             subPath: truststore.jks
             readOnly: true
           {{- end }}
+        {{- end }}
+      {{- if or (not .Values.disableGrpcServerTls) .Values.optionalTrustStoreSecretName }}
       volumes:
+        {{- if not .Values.disableGrpcServerTls }}
          - name: user-manager-tls-certificate
            secret:
               secretName: user-manager-tls-cert
+        {{- end }}
         {{- if .Values.optionalTrustStoreSecretName }}
          - name: optional-trust-store
            secret:
               secretName: {{ .Values.optionalTrustStoreSecretName }}
         {{- end }}
+        {{- end }}
       dnsConfig: {}
       dnsPolicy: ClusterFirst
       imagePullSecrets:
diff --git a/src/test/helm/cert_issuer_test.yaml b/src/test/helm/cert_issuer_test.yaml
index b2e1448f6d1be3d1fda4bbedab0e4c6a29a11515..224328094cedca428efb1185bed7d13906a329b4 100644
--- a/src/test/helm/cert_issuer_test.yaml
+++ b/src/test/helm/cert_issuer_test.yaml
@@ -47,4 +47,10 @@ tests:
     asserts:
       - equal:
           path: spec.selfSigned
-          value: {}
\ No newline at end of file
+          value: {}
+  - it: should not create cert issuer
+    set:
+      disableGrpcServerTls: true
+    asserts:
+      - hasDocuments:
+        count: 0
\ No newline at end of file
diff --git a/src/test/helm/certificate_test.yaml b/src/test/helm/certificate_test.yaml
index ac111fb2284e8d718f0c08598fa3170472089444..0fe136c561849439f67b32d1f51bd92eda6de2bd 100644
--- a/src/test/helm/certificate_test.yaml
+++ b/src/test/helm/certificate_test.yaml
@@ -90,4 +90,10 @@ tests:
           value: "user-manager.sh-helm-test"
      - equal:
           path: spec.dnsNames[5]
-          value: "user-manager"
\ No newline at end of file
+          value: "user-manager"
+  - it: should not create certificate
+    set:
+      disableGrpcServerTls: true
+    asserts:
+      - hasDocuments:
+        count: 0
\ No newline at end of file
diff --git a/src/test/helm/deployment_env_test.yaml b/src/test/helm/deployment_env_test.yaml
index e2ede3f3e19c0b92f205522bacf6c2243717e082..c767c8d80dc705b5258d1a8c7ac3c10820a7c5b5 100644
--- a/src/test/helm/deployment_env_test.yaml
+++ b/src/test/helm/deployment_env_test.yaml
@@ -97,4 +97,30 @@ tests:
           path: spec.template.spec.containers[0].env
           content:
             name: OZGCLOUD_USERSYNC_PERIOD
-            value: "6h"
\ No newline at end of file
+            value: "6h"
+  - it: check disable grpc server
+    set:
+      disableGrpcServerTls: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: QUARKUS_GRPC_SERVER_SSL_CERTIFICATE
+            value: ""
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: QUARKUS_GRPC_SERVER_SSL_KEY
+            value: ""
+  - it: check default grpc server settings
+    asserts:
+      - notContains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: QUARKUS_GRPC_SERVER_SSL_CERTIFICATE
+          any: true
+      - notContains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: QUARKUS_GRPC_SERVER_SSL_KEY
+          any: true
\ No newline at end of file
diff --git a/src/test/helm/deplyoment_cert_bindings_test.yaml b/src/test/helm/deplyoment_cert_bindings_test.yaml
index 416c7ef3fac69aabeef6b795239535382ce73103..3fec0d1b00b5d5750bfb97bb558de92287837d98 100644
--- a/src/test/helm/deplyoment_cert_bindings_test.yaml
+++ b/src/test/helm/deplyoment_cert_bindings_test.yaml
@@ -63,4 +63,43 @@ tests:
            content:
              name: user-manager-tls-certificate
              secret:
-               secretName: user-manager-tls-cert
\ No newline at end of file
+               secretName: user-manager-tls-cert
+
+  - it: should not mount volumes for user-manager root ca
+    set:
+      disableGrpcServerTls: true
+      optionalTrustStoreSecretName: optional-trust-store-secret
+    asserts:
+      - notContains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: user-manager-tls-certificate
+          any: true
+      - notContains:
+          path: spec.template.spec.containers[0].volumeMounts
+          content:
+            name: user-manager-tls-certificate
+          any: true
+
+  - it: should not have volume mounts
+    set:
+      disableGrpcServerTls: true
+    asserts:
+      - notExists:
+          path: spec.template.spec.containers[0].volumeMounts
+
+  - it: should not have volume for user-manager root certificate
+    set:
+      disableGrpcServerTls: true
+      optionalTrustStoreSecretName: optional-trust-store-secret
+    asserts:
+      - notContains:
+          path: spec.template.spec.volumes
+        any: true
+
+  - it: should not have volume
+    set:
+      disableGrpcServerTls: true
+    asserts:
+      - notExists:
+          path: spec.template.spec.volumes