diff --git a/helm-chart/renku/templates/_certificates-init-container.tpl b/helm-chart/renku/templates/_certificates-init-container.tpl
index e88cc43d7f..6adea68324 100644
--- a/helm-chart/renku/templates/_certificates-init-container.tpl
+++ b/helm-chart/renku/templates/_certificates-init-container.tpl
@@ -3,10 +3,7 @@
 - name: init-certificates
   image: "{{ .Values.global.certificates.image.repository }}:{{ .Values.global.certificates.image.tag }}"
   securityContext:
-    allowPrivilegeEscalation: false
-    runAsUser: 1000
-    runAsGroup: 1000
-    runAsNonRoot: true
+{{ toYaml .Values.global.certificates.securityContext | indent 4 }}
   volumeMounts:
     - name: etc-ssl-certs
       mountPath: /etc/ssl/certs/
diff --git a/helm-chart/renku/values.yaml b/helm-chart/renku/values.yaml
index b860c13a95..6df1e4ee2b 100644
--- a/helm-chart/renku/values.yaml
+++ b/helm-chart/renku/values.yaml
@@ -205,6 +205,11 @@ global:
       repository: renku/certificates
       tag: "0.0.2"
     customCAs: []
+    securityContext:
+      allowPrivilegeEscalation: false
+      runAsUser: 1000
+      runAsGroup: 1000
+      runAsNonRoot: true
     # - secret:
   ## Database credentials for postgres
   db: