diff --git a/lib/puppet/ssl/ssl_provider.rb b/lib/puppet/ssl/ssl_provider.rb
index 8b2d7a71b0..0ec6b0d932 100644
--- a/lib/puppet/ssl/ssl_provider.rb
+++ b/lib/puppet/ssl/ssl_provider.rb
@@ -97,12 +97,14 @@ def create_system_context(cacerts:, path: Puppet[:ssl_trust_store], include_clie
       cert_provider = Puppet::X509::CertProvider.new
       private_key = cert_provider.load_private_key(Puppet[:certname], required: false)
       unless private_key
-        Puppet.warning("Private key for '#{Puppet[:certname]}' does not exist")
+        msg = "Private key for '#{Puppet[:certname]}' does not exist"
+        Puppet.run_mode.name == :user ? Puppet.info(msg) : Puppet.warning(msg)
       end
 
       client_cert = cert_provider.load_client_cert(Puppet[:certname], required: false)
       unless client_cert
-        Puppet.warning("Client certificate for '#{Puppet[:certname]}' does not exist")
+        msg = "Client certificate for '#{Puppet[:certname]}' does not exist"
+        Puppet.run_mode.name == :user ? Puppet.info(msg) : Puppet.warning(msg)
       end
 
       if private_key && client_cert
diff --git a/spec/unit/ssl/ssl_provider_spec.rb b/spec/unit/ssl/ssl_provider_spec.rb
index e0d11d3381..e54c650f8d 100644
--- a/spec/unit/ssl/ssl_provider_spec.rb
+++ b/spec/unit/ssl/ssl_provider_spec.rb
@@ -159,22 +159,40 @@
       expect(sslctx.private_key).to be_nil
     end
 
-    it 'warns if the client cert does not exist' do
+    it 'warns if the client cert does not exist when in non-user mode' do
       Puppet[:certname] = 'missingcert'
       Puppet[:hostprivkey] = fixtures('ssl/signed-key.pem')
+      Puppet.settings.preferred_run_mode = 'server'
 
       expect(Puppet).to receive(:warning).with("Client certificate for 'missingcert' does not exist")
       subject.create_system_context(cacerts: [], include_client_cert: true)
     end
 
-    it 'warns if the private key does not exist' do
+    it 'warns if the private key does not exist when in non-user mode' do
       Puppet[:certname] = 'missingkey'
       Puppet[:hostcert] = fixtures('ssl/signed.pem')
+      Puppet.settings.preferred_run_mode = 'server'
 
       expect(Puppet).to receive(:warning).with("Private key for 'missingkey' does not exist")
       subject.create_system_context(cacerts: [], include_client_cert: true)
     end
 
+    it 'shows info message if the client cert does not exist when in user mode' do
+      Puppet[:certname] = 'missingcert'
+      Puppet[:hostprivkey] = fixtures('ssl/signed-key.pem')
+
+      expect(Puppet).to receive(:info).with("Client certificate for 'missingcert' does not exist")
+      subject.create_system_context(cacerts: [], include_client_cert: true)
+    end
+
+    it 'shows info message if the private key does not exist when in user mode' do
+      Puppet[:certname] = 'missingkey'
+      Puppet[:hostcert] = fixtures('ssl/signed.pem')
+
+      expect(Puppet).to receive(:info).with("Private key for 'missingkey' does not exist")
+      subject.create_system_context(cacerts: [], include_client_cert: true)
+    end
+
     it 'raises if client cert and private key are mismatched' do
       Puppet[:hostcert] = fixtures('ssl/signed.pem')
       Puppet[:hostprivkey] = fixtures('ssl/127.0.0.1-key.pem')