diff --git a/apps/files_sharing/lib/AppInfo/Application.php b/apps/files_sharing/lib/AppInfo/Application.php index fc305e58dbe45..007afb9e60cca 100644 --- a/apps/files_sharing/lib/AppInfo/Application.php +++ b/apps/files_sharing/lib/AppInfo/Application.php @@ -1,4 +1,5 @@ get(Manager::class); }, - $c->get(ICloudIdManager::class) + $c->get(ICloudIdManager::class), + $c->get(IConfig::class), ); }); @@ -163,7 +166,7 @@ public function registerEventsScripts(IEventDispatcher $dispatcher): void { public function registerDownloadEvents( IEventDispatcher $dispatcher, IUserSession $userSession, - IRootFolder $rootFolder + IRootFolder $rootFolder, ): void { $dispatcher->addListener( diff --git a/apps/files_sharing/lib/External/Manager.php b/apps/files_sharing/lib/External/Manager.php index f18d8346dc44d..b8b3ece6c66dc 100644 --- a/apps/files_sharing/lib/External/Manager.php +++ b/apps/files_sharing/lib/External/Manager.php @@ -1,4 +1,5 @@ getUser(); $this->connection = $connection; @@ -127,6 +133,7 @@ public function __construct( $this->userManager = $userManager; $this->eventDispatcher = $eventDispatcher; $this->logger = $logger; + $this->config = $config; } /** @@ -193,7 +200,8 @@ public function addShare($remote, $token, $password, $name, $owner, $shareType, 'token' => $token, 'password' => $password, 'mountpoint' => $mountPoint, - 'owner' => $owner + 'owner' => $owner, + 'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates'), ]; return $this->mountShare($options); } 
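Review bot: In `addShare`, the new `'verify'` option comes from a single instance-wide switch, so enabling `sharing.federation.allowSelfSignedCertificates` turns certificate validation off for every remote. Judging by the DAV changes later in this diff, it then accepts any certificate, not only self-signed ones. The same negated expression is repeated in `MountProvider::getMount`; I would put it behind one small helper so the two paths cannot drift, with a comment such as `// false disables TLS certificate validation for ALL federated shares; prefer importing the remote's certificate`. The key is not documented in any visible hunk, so an entry describing that scope would help administrators judge the risk. `addShare` starts outside the hunk.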
@@ -733,12 +741,12 @@ public function removeGroupShares($gid): bool { $qb = $this->connection->getQueryBuilder(); // delete group share entry and matching sub-entries $qb->delete('share_external') - ->where( - $qb->expr()->orX( - $qb->expr()->eq('id', $qb->createParameter('share_id')), - $qb->expr()->eq('parent', $qb->createParameter('share_parent_id')) - ) - ); + ->where( + $qb->expr()->orX( + $qb->expr()->eq('id', $qb->createParameter('share_id')), + $qb->expr()->eq('parent', $qb->createParameter('share_parent_id')) + ) + ); foreach ($shares as $share) { $qb->setParameter('share_id', $share['id']); diff --git a/apps/files_sharing/lib/External/MountProvider.php b/apps/files_sharing/lib/External/MountProvider.php index 169bf6ed3d74a..82f19e78c5dc8 100644 --- a/apps/files_sharing/lib/External/MountProvider.php +++ b/apps/files_sharing/lib/External/MountProvider.php @@ -1,4 +1,5 @@ connection = $connection; $this->managerProvider = $managerProvider; $this->cloudIdManager = $cloudIdManager; + $this->config = $config; } public function getMount(IUser $user, $data, IStorageFactory $storageFactory) { @@ -69,6 +77,7 @@ public function getMount(IUser $user, $data, IStorageFactory $storageFactory) { $data['cloudId'] = $this->cloudIdManager->getCloudId($data['owner'], $data['remote']); $data['certificateManager'] = \OC::$server->getCertificateManager(); $data['HttpClientService'] = \OC::$server->getHTTPClientService(); + $data['verify'] = !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates'); return new Mount(self::STORAGE, $mountPoint, $data, $manager, $storageFactory); } diff --git a/apps/files_sharing/tests/External/ManagerTest.php b/apps/files_sharing/tests/External/ManagerTest.php index 0e80479eafed5..69a96aaf9f776 100644 --- a/apps/files_sharing/tests/External/ManagerTest.php +++ b/apps/files_sharing/tests/External/ManagerTest.php 
@@ -1,4 +1,5 @@ disableOriginalConstructor()->getMock(); $this->cloudFederationProviderManager = $this->createMock(ICloudFederationProviderManager::class); $this->cloudFederationFactory = $this->createMock(ICloudFederationFactory::class); + $this->config = $this->createMock(IConfig::class); $this->groupManager = $this->createMock(IGroupManager::class); $this->userManager = $this->createMock(IUserManager::class); $this->eventDispatcher = $this->createMock(IEventDispatcher::class); @@ -136,7 +140,7 @@ protected function setUp(): void { $this->userManager, $this->createMock(ICacheFactory::class), $this->createMock(IEventDispatcher::class) - )); + ), $this->config); $group1 = $this->createMock(IGroup::class); $group1->expects($this->any())->method('getGID')->willReturn('group1'); @@ -188,6 +192,7 @@ private function createManagerForUser($userId) { $userSession, $this->eventDispatcher, $this->logger, + $this->config, ] )->setMethods(['tryOCMEndPoint'])->getMock(); } @@ -744,7 +749,7 @@ protected function assertExternalShareEntry($expected, $actual, $share, $mountPo $this->assertEquals($expected['token'], $actual['share_token'], 'Asserting token of a share #' . $share); $this->assertEquals($expected['name'], $actual['name'], 'Asserting name of a share #' . $share); $this->assertEquals($expected['owner'], $actual['owner'], 'Asserting owner of a share #' . $share); - $this->assertEquals($expected['accepted'], (int) $actual['accepted'], 'Asserting accept of a share #' . $share); + $this->assertEquals($expected['accepted'], (int)$actual['accepted'], 'Asserting accept of a share #' . $share); $this->assertEquals($targetEntity, $actual['user'], 'Asserting user of a share #' . $share); $this->assertEquals($mountPoint, $actual['mountpoint'], 'Asserting mountpoint of a share #' . $share); } diff --git a/lib/private/Files/Storage/DAV.php b/lib/private/Files/Storage/DAV.php index 4dea220fc23a1..4e6bf517b1074 100644 --- a/lib/private/Files/Storage/DAV.php 
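Review bot: The `IConfig` mock created in `setUp` and passed on in `createManagerForUser` is never given an expectation, so the suite only runs with the mock's default return for `getSystemValueBool` (presumably `false`, i.e. verification on). No visible test asserts the `'verify'` value that ends up in the mount options in either state. A case that stubs the key, e.g. `$this->config->method('getSystemValueBool')->with('sharing.federation.allowSelfSignedCertificates')->willReturn(true);`, and checks that `verify` becomes `false` only then would pin the security-relevant default.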
+++ b/lib/private/Files/Storage/DAV.php @@ -1,4 +1,5 @@ host = $host; @@ -132,12 +134,14 @@ public function __construct($params) { $this->authType = $params['authType']; } if (isset($params['secure'])) { + $this->verify = $params['verify'] ?? true; if (is_string($params['secure'])) { $this->secure = ($params['secure'] === 'true'); } else { $this->secure = (bool)$params['secure']; } } else { + $this->verify = false; $this->secure = false; } if ($this->secure === true) { @@ -181,6 +185,9 @@ protected function init() { $this->client->setThrowExceptions(true); if ($this->secure === true) { + if ($this->verify === false) { + $this->client->addCurlSetting(CURLOPT_SSL_VERIFYPEER, false); + } $certPath = $this->certManager->getAbsoluteBundlePath(); if (file_exists($certPath)) { $this->certPath = $certPath; 
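Review bot: In `__construct`, `$this->verify` is taken raw from `$params['verify']`, while `secure` just below is normalised for string input, and the `else` branch sets it to `false`. `init()` tests `$this->verify === false` strictly, whereas the request options in `fopen` and `uploadFile` pass the raw value on, so a non-boolean such as `0` or `'false'` would be treated differently by the two clients. I would fail closed with `$this->verify = ($params['verify'] ?? true) !== false;` and use `$this->verify = true;` in the `else` branch. Otherwise a plain-HTTP storage that is redirected to HTTPS could run unverified if the client follows redirects (not visible here). The constructor starts and ends outside the hunk.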
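Review bot: In `init()`, setting `CURLOPT_SSL_VERIFYPEER` to `false` switches off chain validation for this client but leaves curl's host-name check at its default, whereas the `'verify' => $this->verify` option added to `fopen` and `uploadFile` is, as far as I know, Guzzle's switch for both checks. The same storage therefore gets two different TLS policies. In either path any certificate is accepted, not just a self-signed one, and nothing records that. Since the bundle from `$this->certManager->getAbsoluteBundlePath()` is loaded right below, trusting the remote's certificate through that bundle would keep validation on. If the switch stays, I would at least add `$this->logger->warning('TLS certificate verification is disabled for this DAV storage', ['app' => 'dav']);` inside the new `if`. `init()` continues outside the hunk.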
@@ -192,13 +199,13 @@ protected function init() { $lastRequestStart = 0; $this->client->on('beforeRequest', function (RequestInterface $request) use (&$lastRequestStart) { - $this->logger->debug("sending dav " . $request->getMethod() . " request to external storage: " . $request->getAbsoluteUrl(), ['app' => 'dav']); + $this->logger->debug('sending dav ' . $request->getMethod() . ' request to external storage: ' . $request->getAbsoluteUrl(), ['app' => 'dav']); $lastRequestStart = microtime(true); - $this->eventLogger->start('fs:storage:dav:request', "Sending dav request to external storage"); + $this->eventLogger->start('fs:storage:dav:request', 'Sending dav request to external storage'); }); $this->client->on('afterRequest', function (RequestInterface $request) use (&$lastRequestStart) { $elapsed = microtime(true) - $lastRequestStart; - $this->logger->debug("dav " . $request->getMethod() . " request to external storage: " . $request->getAbsoluteUrl() . " took " . round($elapsed * 1000, 1) . "ms", ['app' => 'dav']); + $this->logger->debug('dav ' . $request->getMethod() . ' request to external storage: ' . $request->getAbsoluteUrl() . ' took ' . round($elapsed * 1000, 1) . 'ms', ['app' => 'dav']); $this->eventLogger->end('fs:storage:dav:request'); }); } @@ -314,11 +321,11 @@ public function filetype($path) { return false; } $responseType = []; - if (isset($response["{DAV:}resourcetype"])) { + if (isset($response['{DAV:}resourcetype'])) { /** @var ResourceType[] $response */ - $responseType = $response["{DAV:}resourcetype"]->getValue(); + $responseType = $response['{DAV:}resourcetype']->getValue(); } - return (count($responseType) > 0 and $responseType[0] == "{DAV:}collection") ? 'dir' : 'file'; + return (count($responseType) > 0 and $responseType[0] == '{DAV:}collection') ? 'dir' : 'file'; } catch (\Exception $e) { $this->convertException($e, $path); } 
@@ -368,7 +375,8 @@ public function fopen($path, $mode) { 'auth' => [$this->user, $this->password], 'stream' => true, // set download timeout for users with slow connections or large files - 'timeout' => $this->timeout + 'timeout' => $this->timeout, + 'verify' => $this->verify, ]); } catch (\GuzzleHttp\Exception\ClientException $e) { if ($e->getResponse() instanceof ResponseInterface @@ -527,7 +535,8 @@ protected function uploadFile($path, $target) { 'body' => $source, 'auth' => [$this->user, $this->password], // set upload timeout for users with slow connections or large files - 'timeout' => $this->timeout + 'timeout' => $this->timeout, + 'verify' => $this->verify, ]); $this->removeCachedFile($target); @@ -616,11 +625,11 @@ private function getMetaFromPropfind(string $path, array $response): array { } $responseType = []; - if (isset($response["{DAV:}resourcetype"])) { + if (isset($response['{DAV:}resourcetype'])) { /** @var ResourceType[] $response */ - $responseType = $response["{DAV:}resourcetype"]->getValue(); + $responseType = $response['{DAV:}resourcetype']->getValue(); } - $type = (count($responseType) > 0 and $responseType[0] == "{DAV:}collection") ? 'dir' : 'file'; + $type = (count($responseType) > 0 and $responseType[0] == '{DAV:}collection') ? 'dir' : 'file'; if ($type === 'dir') { $mimeType = 'httpd/unix-directory'; } elseif (isset($response['{DAV:}getcontenttype'])) { @@ -866,9 +875,9 @@ public function hasUpdated($path, $time) { * @param string $path optional path from the operation * * @throws StorageInvalidException if the storage is invalid, for example - * when the authentication expired or is invalid + * when the authentication expired or is invalid * @throws StorageNotAvailableException if the storage is not available, - * which might be temporary + * which might be temporary * @throws ForbiddenException if the action is not allowed */ protected function convertException(Exception $e, $path = '') {
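Review bot: In `fopen`, and again in `uploadFile`, the `'verify'` key is now always sent, so the normal case passes an explicit `true` on every request. If the HTTP client service applies its own CA bundle as the default `verify` value (not visible in this diff), the explicit `true` would replace it with the system default, and certificates imported by the administrator might stop being trusted for downloads and uploads. Sending the key only when verification is off avoids that: build the options in a variable and add `if ($this->verify === false) { $options['verify'] = false; }` before the call. Both functions start and end outside their hunks.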