diff --git a/enforcer/templates/enforcer-configmap.yaml b/enforcer/templates/enforcer-configmap.yaml
index 978b9d0d..b4130c7f 100644
--- a/enforcer/templates/enforcer-configmap.yaml
+++ b/enforcer/templates/enforcer-configmap.yaml
@@ -20,8 +20,12 @@ data:
 AQUA_HOST_RUN_PATH: {{ .Values.hostRunPath | quote }}
 {{- end }}
 {{- if .Values.TLS.enabled }}
+ {{- if .Values.TLS.privateKey_fileName }}
 AQUA_PRIVATE_KEY: "/opt/aquasec/ssl/key.pem"
+ {{- end}}
+ {{- if .Values.TLS.publicKey_fileName }}
 AQUA_PUBLIC_KEY: "/opt/aquasec/ssl/cert.pem"
+ {{- end}}
 {{- if .Values.TLS.rootCA_fileName }}
 AQUA_ROOT_CA: "/opt/aquasec/ssl/ca.pem"
 {{- end }}
diff --git a/enforcer/templates/enforcer-daemonset.yaml b/enforcer/templates/enforcer-daemonset.yaml
index 221e6a78..a2f8ac23 100644
--- a/enforcer/templates/enforcer-daemonset.yaml
+++ b/enforcer/templates/enforcer-daemonset.yaml
@@ -250,10 +250,14 @@ spec:
 defaultMode: 420
 secretName: {{ .Values.TLS.secretName }}
 items:
+ {{- if .Values.TLS.publicKey_fileName }}
 - key: {{ .Values.TLS.publicKey_fileName }}
 path: cert.pem
+ {{- end }}
+ {{- if .Values.TLS.privateKey_fileName }}
 - key: {{ .Values.TLS.privateKey_fileName }}
 path: key.pem
+ {{- end }}
 {{- if .Values.TLS.rootCA_fileName }}
 - key: {{ .Values.TLS.rootCA_fileName }}
 path: ca.pem
diff --git a/kube-enforcer/templates/kube-enforcer-configmap.yaml b/kube-enforcer/templates/kube-enforcer-configmap.yaml
index 07e2012d..be00d8f0 100644
--- a/kube-enforcer/templates/kube-enforcer-configmap.yaml
+++ b/kube-enforcer/templates/kube-enforcer-configmap.yaml
@@ -40,8 +40,12 @@ data:
 {{- end }}
 # mTLS env config
 {{- if .Values.TLS.enabled }}
+{{- if .Values.TLS.privateKey_fileName }}
 AQUA_PRIVATE_KEY: "/opt/aquasec/ssl/key.pem"
+{{- end}}
+{{- if .Values.TLS.publicKey_fileName }}
 AQUA_PUBLIC_KEY: "/opt/aquasec/ssl/cert.pem"
+{{- end}}
 AQUA_TLS_VERIFY: {{ .Values.TLS.tls_verify | quote }}
 {{- if .Values.TLS.rootCA_fileName }}
 AQUA_ROOT_CA: "/opt/aquasec/ssl/ca.pem"
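Review bot: In enforcer-configmap.yaml the two new guards are independent, so a values file that sets only one of `TLS.privateKey_fileName` and `TLS.publicKey_fileName` renders half of a client key pair, and nothing visible in the hunk rejects that at template time; the kube-enforcer-configmap.yaml hunk has the same pattern. A client certificate is only usable with both files, so I would gate both entries on one condition, `{{- if and .Values.TLS.publicKey_fileName .Values.TLS.privateKey_fileName }}`, or call `fail` when exactly one of the two is set. The added `{{- end}}` lines also drop the space that the surrounding `{{- end }}` lines use.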
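Review bot: In enforcer-daemonset.yaml every entry under `items:` is now conditional, so with TLS enabled and none of the three `*_fileName` values set the key renders empty; the kube-enforcer-deployment.yaml hunk has the same shape. Kubernetes treats a secret volume without `items` as a request to project every key of the Secret, so everything stored in `TLS.secretName` would be mounted under its own key name instead of only the selected files. Guarding `items:` alone does not help, because an absent `items` means the same thing. I would instead stop rendering in that case, for example `{{- if not (or .Values.TLS.publicKey_fileName .Values.TLS.privateKey_fileName .Values.TLS.rootCA_fileName) }}{{ fail "TLS.enabled needs at least one TLS file name" }}{{- end }}`. The volume definition starts outside this hunk, so whether it is already wrapped in a `TLS.enabled` check cannot be seen here.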
diff --git a/kube-enforcer/templates/kube-enforcer-deployment.yaml b/kube-enforcer/templates/kube-enforcer-deployment.yaml
index 83267a4b..8ad03232 100644
--- a/kube-enforcer/templates/kube-enforcer-deployment.yaml
+++ b/kube-enforcer/templates/kube-enforcer-deployment.yaml
@@ -174,10 +174,14 @@ spec:
 defaultMode: 420
 secretName: {{ .Values.TLS.secretName }}
 items:
+ {{- if .Values.TLS.publicKey_fileName }}
 - key: {{ .Values.TLS.publicKey_fileName }}
 path: cert.pem
+ {{- end }}
+ {{- if .Values.TLS.privateKey_fileName }}
 - key: {{ .Values.TLS.privateKey_fileName }}
 path: key.pem
+ {{- end }}
 {{- if .Values.TLS.rootCA_fileName }}
 - key: {{ .Values.TLS.rootCA_fileName }}
 path: ca.pem
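Review bot: The secret volume that carries `key.pem` keeps `defaultMode: 420` (0644), so the private key is readable by every user inside the container; the line is unchanged context here and in the enforcer-daemonset.yaml hunk, but this change to the key mount is a good moment to tighten it. A per-item `mode: 256` (0400) on the `key.pem` entry would restrict the key to its owner while leaving `cert.pem` and `ca.pem` as they are. Whether the process can still read the file then depends on the pod's `runAsUser` and `fsGroup`, which are outside this hunk, so that needs confirming before the mode is changed.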