diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php
index 42927b86068a023c73b4fc12461d312c7cfa7aa4..e0a0239c9543b6fdd4cb3208ce0a43e99e1ee483 100644
--- a/apps/files_external/ajax/addRootCertificate.php
+++ b/apps/files_external/ajax/addRootCertificate.php
@@ -2,6 +2,11 @@
 
 OCP\JSON::checkAppEnabled('files_external');
 
+if ( !($filename = $_FILES['rootcert_import']['name']) ) {
+	header("Location: settings/personal.php");
+	exit;
+}
+
 $fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
 $data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
 fclose($fh);
diff --git a/apps/files_external/ajax/removeRootCertificate.php b/apps/files_external/ajax/removeRootCertificate.php
index 8c196eddf55f1d3fd277dbbc70b0f83072fcaad6..6871b0fd1d4eaea09c6bd9e0110fd2e0d98cd5da 100644
--- a/apps/files_external/ajax/removeRootCertificate.php
+++ b/apps/files_external/ajax/removeRootCertificate.php
@@ -5,7 +5,10 @@ OCP\JSON::checkLoggedIn();
 OCP\JSON::callCheck();
 
 $view = \OCP\Files::getStorage("files_external");
-$cert = ltrim($_POST['cert'], "/\\.");
-$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'.$cert;
-unlink($file);
-OC_Mount_Config::createCertificateBundle();
+$file = 'uploads/'.ltrim($_POST['cert'], "/\\.");
+
+if ( $view->file_exists($file) ) {
+	$view->unlink($file);
+	OC_Mount_Config::createCertificateBundle();
+}
+