diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index b3f56dcfb59..cecbb4592ed 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -539,11 +539,14 @@ SSLCertificateConfig::reconfigure() } SSLMultiCertConfigLoader loader(params); - loader.load(lookup); + if (!loader.load(lookup)) { + retStatus = false; + } if (!lookup->is_valid) { retStatus = false; } + // If there are errors in the certificate configs and we had wanted to exit on error // we won't want to reset the config if (lookup->is_valid || !params->configExitOnLoadError) { diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc index 87df0d3173d..5478cf12571 100644 --- a/iocore/net/SSLUtils.cc +++ b/iocore/net/SSLUtils.cc @@ -1953,8 +1953,9 @@ SSLMultiCertConfigLoader::load(SSLCertLookup *lookup) if (ec) { switch (ec.value()) { case ENOENT: + // missing config file is an acceptable runtime state Warning("Cannot open SSL certificate configuration from %s - %s", params->configFilePath, strerror(ec.value())); - return false; + return true; default: Error("Failed to read SSL certificate configuration from %s - %s", params->configFilePath, strerror(ec.value())); return false; @@ -1989,7 +1990,9 @@ SSLMultiCertConfigLoader::load(SSLCertLookup *lookup) if (ssl_extract_certificate(&line_info, sslMultiCertSettings.get())) { // There must be a certificate specified unless the tunnel action is set if (sslMultiCertSettings->cert || sslMultiCertSettings->opt != SSLCertContextOption::OPT_TUNNEL) { - this->_store_ssl_ctx(lookup, sslMultiCertSettings); + if (!this->_store_ssl_ctx(lookup, sslMultiCertSettings)) { + return false; + } } else { Warning("No ssl_cert_name specified and no tunnel action set"); }
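Review bot: In `SSLCertificateConfig::reconfigure()` (iocore/net/SSLConfig.cc), the guard at the end of this hunk still tests only `lookup->is_valid`, so a `load()` failure that leaves `is_valid` true sets `retStatus = false` but the lookup is installed all the same, even when `configExitOnLoadError` is set. The third hunk of this commit (SSLUtils.cc, the `_store_ssl_ctx` check) makes `load()` return early, which presumably leaves the lookup holding only the entries parsed before the failure; whether that path clears `is_valid` is not visible here. If a failed load should be treated like an invalid lookup, the guard could read `if (retStatus || !params->configExitOnLoadError) {`, provided nothing earlier in the function sets `retStatus` for an unrelated reason. The body of `reconfigure()` starts and ends outside the hunk.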
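Review bot: The `ENOENT` branch of `SSLMultiCertConfigLoader::load()` (iocore/net/SSLUtils.cc, first hunk) now returns `true` immediately, so whatever `load()` does after parsing the file is skipped while the caller is told the load succeeded. The rest of the function is outside this hunk, so confirm the lookup is left in a usable state on that path. On a reload this also means a deleted or mistyped `configFilePath` is reported as success with only a `Warning`, and the caller in SSLConfig.cc has no failure to act on. The one-line comment should say what callers get, e.g. `// A missing config file is not an error: no entries are loaded and load() reports success.`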
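Review bot: The new `return false` after `_store_ssl_ctx()` (iocore/net/SSLUtils.cc, second hunk) abandons every remaining line of the file at the first failing entry, and nothing in this hunk logs which entry failed. Unless `_store_ssl_ctx()` already reports it (not visible here), add a message before returning, for example `Error("Failed to load SSL certificate entry from %s", params->configFilePath);`. If later entries should still be loaded when one is bad, record the failure and keep iterating instead of returning. The enclosing loop and the function's final return are outside the hunk.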