Thanks. The "mod/certificate:manage" didn't work for me, but I did go in and alter the settings for Siteadmin->Security->Modulesecurity defaultallowedmodules.
The only problem now is that it works for new courses I create, but not for all of the courses that already exist. Looks like I'll be busy for awhile unless I find another way.
This at least gets me to the result I need.