diff --git a/defaults/main.yml b/defaults/main.yml
index bcd942d..8fa4401 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -71,6 +71,8 @@ tacker_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}"
 tacker_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
 tacker_oslomsg_rpc_userid: tacker
 tacker_oslomsg_rpc_vhost: /tacker
+tacker_oslomsg_rpc_ssl_version: "{{ oslomsg_rpc_ssl_version | default('TLSv1_2') }}"
+tacker_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}"
 
 # Notify
 tacker_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
@@ -82,6 +84,8 @@ tacker_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}"
 tacker_oslomsg_notify_userid: "{{ tacker_oslomsg_rpc_userid }}"
 tacker_oslomsg_notify_password: "{{ tacker_oslomsg_rpc_password }}"
 tacker_oslomsg_notify_vhost: "{{ tacker_oslomsg_rpc_vhost }}"
+tacker_oslomsg_notify_ssl_version: "{{ oslomsg_notify_ssl_version | default('TLSv1_2') }}"
+tacker_oslomsg_notify_ssl_ca_file: "{{ oslomsg_notify_ssl_ca_file | default('') }}"
 
 ## (Qdrouterd) integration
 # TODO(ansmith): Change structure when more backends will be supported
diff --git a/templates/tacker.conf.j2 b/templates/tacker.conf.j2
index a96458d..096c895 100644
--- a/templates/tacker.conf.j2
+++ b/templates/tacker.conf.j2
@@ -4,7 +4,7 @@
 debug = {{ debug }}
 
 # oslo.messaging rpc transport
-transport_url = {{ tacker_oslomsg_rpc_transport }}://{% for host in tacker_oslomsg_rpc_servers.split(',') %}{{ tacker_oslomsg_rpc_userid }}:{{ tacker_oslomsg_rpc_password }}@{{ host }}:{{ tacker_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ tacker_oslomsg_rpc_vhost }}{% if (tacker_oslomsg_rpc_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
+transport_url = {{ tacker_oslomsg_rpc_transport }}://{% for host in tacker_oslomsg_rpc_servers.split(',') %}{{ tacker_oslomsg_rpc_userid }}:{{ tacker_oslomsg_rpc_password }}@{{ host }}:{{ tacker_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ tacker_oslomsg_rpc_vhost }}{% if tacker_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ tacker_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ tacker_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
 
 # Where to store Tacker state files.  This directory must be writable by the
 # user executing the agent.
@@ -104,4 +104,4 @@ ssl = {{ tacker_oslomsg_notify_use_ssl | bool }}
 
 [oslo_messaging_notifications]
 driver = {{ (tacker_ceilometer_enabled | bool) | ternary('messagingv2', 'noop') }}
-transport_url = {{ tacker_oslomsg_notify_transport }}://{% for host in tacker_oslomsg_notify_servers.split(',') %}{{ tacker_oslomsg_notify_userid }}:{{ tacker_oslomsg_notify_password }}@{{ host }}:{{ tacker_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ tacker_oslomsg_notify_vhost }}{% if (tacker_oslomsg_notify_use_ssl | lower) | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
+transport_url = {{ tacker_oslomsg_notify_transport }}://{% for host in tacker_oslomsg_notify_servers.split(',') %}{{ tacker_oslomsg_notify_userid }}:{{ tacker_oslomsg_notify_password }}@{{ host }}:{{ tacker_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ tacker_oslomsg_notify_vhost }}{% if tacker_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ tacker_oslomsg_notify_ssl_version }}&ssl_ca_file={{ tacker_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}