diff --git a/src/com/android/settings/MonitoringCertInfoActivity.java b/src/com/android/settings/MonitoringCertInfoActivity.java
index 23923976e99..aea2a37eb42 100644
--- a/src/com/android/settings/MonitoringCertInfoActivity.java
+++ b/src/com/android/settings/MonitoringCertInfoActivity.java
@@ -27,6 +27,8 @@ import android.os.Bundle;
 import android.os.UserHandle;
 import android.provider.Settings;
 
+import com.android.settingslib.RestrictedLockUtils;
+
 /**
  * Activity that shows a dialog explaining that a CA cert is allowing someone to monitor network
  * traffic. This activity should be launched for the user into which the CA cert is installed
@@ -46,8 +48,10 @@ public class MonitoringCertInfoActivity extends Activity implements OnClickListe
         DevicePolicyManager dpm = getSystemService(DevicePolicyManager.class);
         final int numberOfCertificates = getIntent().getIntExtra(
                 Settings.EXTRA_NUMBER_OF_CERTIFICATES, 1);
-        final CharSequence title = getResources().getQuantityText(
-                R.plurals.ssl_ca_cert_dialog_title, numberOfCertificates);
+        final int titleId = RestrictedLockUtils.getProfileOrDeviceOwner(this, mUserId) != null
+                ? R.plurals.ssl_ca_cert_settings_button // Check certificate
+                : R.plurals.ssl_ca_cert_dialog_title; // Trust or remove certificate
+        final CharSequence title = getResources().getQuantityText(titleId, numberOfCertificates);
         setTitle(title);
 
         final AlertDialog.Builder builder = new AlertDialog.Builder(this);
diff --git a/src/com/android/settings/TrustedCredentialsDialogBuilder.java b/src/com/android/settings/TrustedCredentialsDialogBuilder.java
index da557fe84a8..31042cbcde1 100644
--- a/src/com/android/settings/TrustedCredentialsDialogBuilder.java
+++ b/src/com/android/settings/TrustedCredentialsDialogBuilder.java
@@ -34,6 +34,7 @@ import android.widget.Spinner;
 
 import com.android.internal.widget.LockPatternUtils;
 import com.android.settings.TrustedCredentialsSettings.CertHolder;
+import com.android.settingslib.RestrictedLockUtils;
 
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
@@ -221,10 +222,11 @@ class TrustedCredentialsDialogBuilder extends AlertDialog.Builder {
                     && isUserSecure(certHolder.getUserId())
                     && !mDpm.isCaCertApproved(certHolder.getAlias(), certHolder.getUserId());
 
-            // The ok button is optional. User can still dismiss the dialog by other means.
-            // Display it only when trust button is not displayed, because we want users to
-            // either remove or trust a CA cert when the cert is installed by DPC app.
-            CharSequence displayText = mActivity.getText(mNeedsApproval
+            final boolean isProfileOrDeviceOwner = RestrictedLockUtils.getProfileOrDeviceOwner(
+                    mActivity, certHolder.getUserId()) != null;
+
+            // Show trust button only when it requires consumer user (non-PO/DO) to approve
+            CharSequence displayText = mActivity.getText(!isProfileOrDeviceOwner && mNeedsApproval
                     ? R.string.trusted_credentials_trust_label
                     : android.R.string.ok);
             mPositiveButton = updateButton(DialogInterface.BUTTON_POSITIVE, displayText);