diff --git a/common/ca_ci.cpp b/common/ca_ci.cpp
index 429e3e3..e2f0484 100644
--- a/common/ca_ci.cpp
+++ b/common/ca_ci.cpp
@@ -38,6 +38,8 @@ static const char * FILENAME = "[ca_ci]";
 static unsigned int LiveSlot = 0;
+static bool CertChecked = false;
+static bool Cert_OK = false;
 static uint8_t NullPMT[50]={0x9F,0x80,0x32,0x2E,0x03,0x6E,0xA7,0x37,0x00,0x00,0x1B,0x15,0x7D,0x00,0x00,0x03,0x15,0x7E,0x00,0x00,0x03,0x15,0x7F,0x00, 0x00,0x06,0x15,0x80,0x00,0x00,0x06,0x15,0x82,0x00,0x00,0x0B,0x08,0x7B,0x00,0x00,0x05,0x09,0x42,0x00,0x00,0x06,0x15,0x81,0x00,0x00};
@@ -1267,3 +1269,13 @@ bool cCA::SendNullPMT(tSlot* slot)
 return true;
 }
+bool cCA::CheckCerts(void)
+{
+ if(!CertChecked)
+ {
+ if (access(ROOT_CERT, F_OK) == 0 && access(ROOT_CERT, F_OK) == 0 && access(ROOT_CERT, F_OK) == 0)
+ Cert_OK = true;
+ CertChecked = true;
+ }
+ return Cert_OK;
+}
diff --git a/common/ca_ci.h b/common/ca_ci.h
index 2e7e470..2790ba6 100644
--- a/common/ca_ci.h
+++ b/common/ca_ci.h
@@ -296,6 +296,7 @@ public:
 unsigned int GetLiveSlot(void);
 bool SendNullPMT(tSlot* slot);
+ bool CheckCerts(void);
 void Test(int slot, CaIdVector caids);
 void DelTest(int slot);
 /// Virtual destructor
diff --git a/libdvbci/dvbci_ccmgr.cpp b/libdvbci/dvbci_ccmgr.cpp
index 9024bb2..de0d6c2 100644
--- a/libdvbci/dvbci_ccmgr.cpp
+++ b/libdvbci/dvbci_ccmgr.cpp
@@ -773,9 +773,9 @@ static int restart_dh_challenge(struct cc_ctrl_data *cc_data)
 }
 /* load certificates and device key */
- certificate_load_and_check(ctx, "/etc/pem/root.pem");
- ctx->cust_cert = certificate_load_and_check(ctx, "/etc/pem/customer.pem");
- ctx->device_cert = certificate_load_and_check(ctx, "/etc/pem/device.pem");
+ certificate_load_and_check(ctx, ROOT_CERT);
+ ctx->cust_cert = certificate_load_and_check(ctx, CUSTOMER_CERT);
+ ctx->device_cert = certificate_load_and_check(ctx, DEVICE_CERT);
 if (!ctx->cust_cert || !ctx->device_cert) {
 fprintf(stderr, "cannot loader certificates\n");
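Review bot: In `cCA::CheckCerts` (common/ca_ci.cpp) all three `access()` calls test `ROOT_CERT`, so `CUSTOMER_CERT` and `DEVICE_CERT` are never checked and `Cert_OK` becomes true with only the root file present; the condition should read `access(ROOT_CERT, F_OK) == 0 && access(CUSTOMER_CERT, F_OK) == 0 && access(DEVICE_CERT, F_OK) == 0`. `F_OK` only proves that a path exists, so `R_OK` would be the closer test for files that are opened and parsed later. The answer is cached in the file-scope statics `CertChecked`/`Cert_OK` for the life of the process, so certificates installed or removed afterwards are not noticed; a one-line comment on the function saying so would help the next reader. The path macros are defined in libdvbci/dvbci_session.h, and whether ca_ci.cpp already includes that header and `<unistd.h>` is not visible in these hunks.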
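Review bot: In the first dvbci_ccmgr.cpp hunk the result of `certificate_load_and_check(ctx, ROOT_CERT)` is discarded, while the customer and device results are tested by the `if` that follows. If that function reports failure through its return value (its body is not part of this diff), a missing or unparsable root certificate goes unreported at this point. Either test it, for example `if (!certificate_load_and_check(ctx, ROOT_CERT)) fprintf(stderr, "cannot load root certificate\n");`, or add a comment explaining why the root result can safely be ignored. `restart_dh_challenge` begins and ends outside the hunk.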
@@ -792,7 +792,7 @@ static int restart_dh_challenge(struct cc_ctrl_data *cc_data)
 if (!element_set_hostid_from_certificate(cc_data, 5, ctx->device_cert))
 fprintf(stderr, "cannot set hostid in elements\n");
- cc_data->rsa_device_key = rsa_privatekey_open("/etc/pem/device.pem");
+ cc_data->rsa_device_key = rsa_privatekey_open(DEVICE_CERT);
 if (!cc_data->rsa_device_key) {
 fprintf(stderr, "cannot read private key\n");
 return -1;
diff --git a/libdvbci/dvbci_resmgr.cpp b/libdvbci/dvbci_resmgr.cpp
index 8001732..a7c7449 100644
--- a/libdvbci/dvbci_resmgr.cpp
+++ b/libdvbci/dvbci_resmgr.cpp
@@ -49,6 +49,7 @@ int eDVBCIResourceManagerSession::doAction()
 case stateStarted:
 {
 const unsigned char tag[3] = {0x9F, 0x80, 0x10}; // profile enquiry
+ cCA::GetInstance()->CheckCerts();
 sendAPDU(tag);
 state = stateFirstProfileEnquiry;
 return 0;
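Review bot: `rsa_privatekey_open(DEVICE_CERT)` in the second dvbci_ccmgr.cpp hunk reads the device private key through a macro whose name says "certificate", which hides the fact that the same PEM file is used for both the certificate and the key. A separate name next to the other paths, e.g. `#define DEVICE_KEY DEVICE_CERT` with a comment that the file carries the RSA private key as well, would make that explicit and make it obvious the file needs restrictive permissions. The enclosing function continues outside the hunk.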
@@ -68,19 +69,38 @@ int eDVBCIResourceManagerSession::doAction()
 case stateProfileEnquiry:
 {
 const unsigned char tag[3] = {0x9F, 0x80, 0x11};
- const unsigned char data[][4] =
+ if (cCA::GetInstance()->CheckCerts())
 {
- {0x00, 0x01, 0x00, 0x41},
- {0x00, 0x02, 0x00, 0x41},
- {0x00, 0x02, 0x00, 0x43},
- {0x00, 0x03, 0x00, 0x41},
-// {0x00, 0x20, 0x00, 0x41}, // host control
- {0x00, 0x40, 0x00, 0x41},
- {0x00, 0x24, 0x00, 0x41},
- {0x00, 0x8c, 0x10, 0x01} // content control
-// {0x00, 0x10, 0x00, 0x41} // auth.
- };
- sendAPDU(tag, data, sizeof(data));
+ const unsigned char data[][4] =
+ {
+ {0x00, 0x01, 0x00, 0x41}, // resource
+ {0x00, 0x02, 0x00, 0x41}, // application V1
+ {0x00, 0x02, 0x00, 0x43}, // application V3
+ {0x00, 0x03, 0x00, 0x41}, // conditional access
+// {0x00, 0x20, 0x00, 0x41}, // host control
+ {0x00, 0x40, 0x00, 0x41}, // mmi
+ {0x00, 0x24, 0x00, 0x41}, // date-time
+ {0x00, 0x8c, 0x10, 0x01} // content control
+// {0x00, 0x10, 0x00, 0x41} // auth.
+ };
+ sendAPDU(tag, data, sizeof(data));
+ }
+ else
+ {
+ const unsigned char data[][4] =
+ {
+ {0x00, 0x01, 0x00, 0x41}, // resource
+ {0x00, 0x02, 0x00, 0x41}, // application V1
+ {0x00, 0x02, 0x00, 0x43}, // application V3
+ {0x00, 0x03, 0x00, 0x41}, // conditional access
+// {0x00, 0x20, 0x00, 0x41}, // host control
+ {0x00, 0x40, 0x00, 0x41}, // mmi
+ {0x00, 0x24, 0x00, 0x41} // date-time
+// {0x00, 0x10, 0x00, 0x41} // auth.
+ };
+ sendAPDU(tag, data, sizeof(data));
+ }
+ //sendAPDU(tag, data, sizeof(data));
 state = stateFinal;
 return 0;
 }
diff --git a/libdvbci/dvbci_session.cpp b/libdvbci/dvbci_session.cpp
index 167f855..f5a6e38 100644
--- a/libdvbci/dvbci_session.cpp
+++ b/libdvbci/dvbci_session.cpp
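Review bot: The `stateProfileEnquiry` branch in dvbci_resmgr.cpp now carries two copies of the resource table that differ only in the final content-control row, so any later change to the advertised resources has to be made twice. Keeping one table with the content-control entry last and trimming the length would express the same thing, e.g. `sendAPDU(tag, data, cCA::GetInstance()->CheckCerts() ? sizeof(data) : sizeof(data) - sizeof(data[0]));`, with a comment that content control is only advertised when the certificates are present. The leftover `//sendAPDU(tag, data, sizeof(data));` line after the `else` block can be dropped.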
@@ -173,10 +173,13 @@ eDVBCISession* eDVBCISession::createSession(tSlot *slot, const unsigned char *re
 sessions[session_nb - 1] = new eDVBCIMMISession(slot);
 printf("MMI - create session\n");
 break;
- case 0x008c1001:
- sessions[session_nb - 1] = new eDVBCIContentControlManagerSession(slot);
- printf("CC MANAGER\n");
- break;
+ if (cCA::GetInstance()->CheckCerts())
+ {
+ case 0x008c1001:
+ sessions[session_nb - 1] = new eDVBCIContentControlManagerSession(slot);
+ printf("CC MANAGER\n");
+ break;
+ }
 case 0x00100041:
 // session=new eDVBCIAuthSession;
 printf("AuthSession\n");
diff --git a/libdvbci/dvbci_session.h b/libdvbci/dvbci_session.h
index d2bb90c..1687181 100644
--- a/libdvbci/dvbci_session.h
+++ b/libdvbci/dvbci_session.h
@@ -5,6 +5,10 @@
 #define SLMS 256
+#define ROOT_CERT "/etc/pem/root.pem"
+#define CUSTOMER_CERT "/etc/pem/customer.pem"
+#define DEVICE_CERT "/etc/pem/device.pem"
+
 class eDVBCISession
 {
 static eDVBCISession* sessions[SLMS];
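Review bot: The `if (cCA::GetInstance()->CheckCerts())` added in `createSession` never runs: it sits directly after the previous case's `break;`, and the switch jumps straight to the `case 0x008c1001:` label inside its braces, so the content-control session is still created whether or not the certificates are present. The test has to go inside the case, e.g. `case 0x008c1001:` followed by `if (cCA::GetInstance()->CheckCerts()) { sessions[session_nb - 1] = new eDVBCIContentControlManagerSession(slot); printf("CC MANAGER\n"); }` and then `break;`. What the no-certificate path should leave in `sessions[session_nb - 1]` depends on the code after the switch, which lies outside the hunk.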