diff --git a/builtin/credential/cert/backend.go b/builtin/credential/cert/backend.go
index 81dba0a80..72089037a 100644
--- a/builtin/credential/cert/backend.go
+++ b/builtin/credential/cert/backend.go
@@ -23,16 +23,6 @@ func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend,
 if err := b.Setup(ctx, conf); err != nil {
 return nil, err
 }
- bConf, err := b.Config(ctx, conf.StorageView)
- if err != nil {
- return nil, err
- }
- if bConf != nil {
- b.updatedConfig(bConf)
- }
- if err := b.lockThenpopulateCRLs(ctx, conf.StorageView); err != nil {
- return nil, err
- }
 return b, nil
 }
@@ -53,10 +43,11 @@ func Backend() *backend {
 pathListCRLs(&b),
 pathCRLs(&b),
 },
- AuthRenew: b.pathLoginRenew,
- Invalidate: b.invalidate,
- BackendType: logical.TypeCredential,
- PeriodicFunc: b.updateCRLs,
+ AuthRenew: b.pathLoginRenew,
+ Invalidate: b.invalidate,
+ BackendType: logical.TypeCredential,
+ InitializeFunc: b.initialize,
+ PeriodicFunc: b.updateCRLs,
 }
 b.crlUpdateMutex = &sync.RWMutex{}
@@ -74,6 +65,25 @@ type backend struct {
 configUpdated atomic.Bool
 }
+func (b *backend) initialize(ctx context.Context, req *logical.InitializationRequest) error {
+ bConf, err := b.Config(ctx, req.Storage)
+ if err != nil {
+ b.Logger().Error(fmt.Sprintf("failed to load backend configuration: %v", err))
+ return err
+ }
+
+ if bConf != nil {
+ b.updatedConfig(bConf)
+ }
+
+ if err := b.lockThenpopulateCRLs(ctx, req.Storage); err != nil {
+ b.Logger().Error(fmt.Sprintf("failed to populate CRLs: %v", err))
+ return err
+ }
+
+ return nil
+}
+
 func (b *backend) invalidate(_ context.Context, key string) {
 switch {
 case strings.HasPrefix(key, "crls/"):
diff --git a/builtin/credential/cert/backend_test.go b/builtin/credential/cert/backend_test.go
index c56ecefad..f7e238500 100644
--- a/builtin/credential/cert/backend_test.go
+++ b/builtin/credential/cert/backend_test.go
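Review bot: In the new `initialize` method in backend.go, a storage or parse failure in `lockThenpopulateCRLs` no longer stops `Factory` from returning a usable backend, so the auth method may evaluate client certificates with no revocation data in memory; how the caller treats an error returned from `InitializeFunc`, and what the login path does when CRLs are not yet loaded, are both outside this diff. Please confirm that login either populates CRLs on demand or rejects the request when they are missing, and state that on the method, e.g. `// initialize loads the stored config and CRLs; revocation checks are only meaningful once it has succeeded.` The two `b.Logger().Error(fmt.Sprintf(...))` calls would read better as structured fields, `b.Logger().Error("failed to populate CRLs", "error", err)`, and because the same error is also returned it will probably be reported twice.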
@@ -1103,6 +1103,11 @@ func testFactory(t *testing.T) logical.Backend {
 if err != nil {
 t.Fatalf("error: %s", err)
 }
+ if err := b.Initialize(context.Background(), &logical.InitializationRequest{
+ Storage: storage,
+ }); err != nil {
+ t.Fatalf("error: %s", err)
+ }
 return b
 }
diff --git a/changelog/18885.txt b/changelog/18885.txt
new file mode 100644
index 000000000..99878c89c
--- /dev/null
+++ b/changelog/18885.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+auth/cert: Load config, crls from InitializeFunc to allow parallel processing.
+```
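Review bot: In the testFactory hunk of backend_test.go, the new `Initialize` failure reports the same `error: %s` text as the check directly above it, so a failing run does not say which step broke; `t.Fatalf("initialize: %s", err)` would tell them apart. Nothing visible here covers the case where `initialize` returns an error, for example a storage read failure while loading CRLs, which is the behaviour this commit changes from a `Factory` failure to an initialization failure. `storage` and the start of testFactory are outside the hunk.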