diff --git a/lib/private/Http/Client/ClientService.php b/lib/private/Http/Client/ClientService.php
index 532aa7f566ab5..66f84e14c5740 100644
--- a/lib/private/Http/Client/ClientService.php
+++ b/lib/private/Http/Client/ClientService.php
@@ -27,8 +27,8 @@
 namespace OC\Http\Client;
 
 use GuzzleHttp\Client as GuzzleClient;
-use GuzzleHttp\HandlerStack;
 use GuzzleHttp\Handler\CurlHandler;
+use GuzzleHttp\HandlerStack;
 use GuzzleHttp\Middleware;
 use OCP\Diagnostics\IEventLogger;
 use OCP\Http\Client\IClient;
@@ -75,7 +75,9 @@ public function __construct(
 	public function newClient(): IClient {
 		$handler = new CurlHandler();
 		$stack = HandlerStack::create($handler);
-		$stack->push($this->dnsPinMiddleware->addDnsPinning());
+		if ($this->config->getSystemValueBool('dns_pinning', true)) {
+			$stack->push($this->dnsPinMiddleware->addDnsPinning());
+		}
 		$stack->push(Middleware::tap(function (RequestInterface $request) {
 			$this->eventLogger->start('http:request', $request->getMethod() . " request to " . $request->getRequestTarget());
 		}, function () {
diff --git a/tests/lib/Http/Client/ClientServiceTest.php b/tests/lib/Http/Client/ClientServiceTest.php
index 40da0a2111c77..3aae7ceae2555 100644
--- a/tests/lib/Http/Client/ClientServiceTest.php
+++ b/tests/lib/Http/Client/ClientServiceTest.php
@@ -12,8 +12,8 @@
 namespace Test\Http\Client;
 
 use GuzzleHttp\Client as GuzzleClient;
-use GuzzleHttp\HandlerStack;
 use GuzzleHttp\Handler\CurlHandler;
+use GuzzleHttp\HandlerStack;
 use GuzzleHttp\Middleware;
 use OC\Http\Client\Client;
 use OC\Http\Client\ClientService;
@@ -32,6 +32,9 @@ class ClientServiceTest extends \Test\TestCase {
 	public function testNewClient(): void {
 		/** @var IConfig $config */
 		$config = $this->createMock(IConfig::class);
+		$config->method('getSystemValueBool')
+			->with('dns_pinning', true)
+			->willReturn(true);
 		/** @var ICertificateManager $certificateManager */
 		$certificateManager = $this->createMock(ICertificateManager::class);
 		$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
@@ -74,4 +77,52 @@ public function testNewClient(): void {
 			$clientService->newClient()
 		);
 	}
+
+	public function testDisableDnsPinning(): void {
+		/** @var IConfig $config */
+		$config = $this->createMock(IConfig::class);
+		$config->method('getSystemValueBool')
+			->with('dns_pinning', true)
+			->willReturn(false);
+		/** @var ICertificateManager $certificateManager */
+		$certificateManager = $this->createMock(ICertificateManager::class);
+		$dnsPinMiddleware = $this->createMock(DnsPinMiddleware::class);
+		$dnsPinMiddleware
+			->expects($this->never())
+			->method('addDnsPinning')
+			->willReturn(function () {
+			});
+		$remoteHostValidator = $this->createMock(IRemoteHostValidator::class);
+		$eventLogger = $this->createMock(IEventLogger::class);
+		$logger = $this->createMock(LoggerInterface::class);
+
+		$clientService = new ClientService(
+			$config,
+			$certificateManager,
+			$dnsPinMiddleware,
+			$remoteHostValidator,
+			$eventLogger,
+			$logger,
+		);
+
+		$handler = new CurlHandler();
+		$stack = HandlerStack::create($handler);
+		$stack->push(Middleware::tap(function (RequestInterface $request) use ($eventLogger) {
+			$eventLogger->start('http:request', $request->getMethod() . " request to " . $request->getRequestTarget());
+		}, function () use ($eventLogger) {
+			$eventLogger->end('http:request');
+		}), 'event logger');
+		$guzzleClient = new GuzzleClient(['handler' => $stack]);
+
+		$this->assertEquals(
+			new Client(
+				$config,
+				$certificateManager,
+				$guzzleClient,
+				$remoteHostValidator,
+				$logger,
+			),
+			$clientService->newClient()
+		);
+	}
 }