diff --git a/service/cinder-api.yaml b/service/cinder-api.yaml
index 58518ca..51903d4 100644
--- a/service/cinder-api.yaml
+++ b/service/cinder-api.yaml
@@ -14,9 +14,9 @@ service:
           command:
             mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ cinder.db.name }};
             create user '{{ cinder.db.username }}'@'%' identified by '{{ cinder.db.password }}'
-            {% if percona.tls.enabled %} require ssl {% endif %};
+            {% if db.tls.enabled %} require ssl {% endif %};
             grant all privileges on {{ cinder.db.name }}.* to '{{ cinder.db.username }}'@'%' identified by '{{ cinder.db.password }}'
-            {% if percona.tls.enabled %} require ssl {% endif %};"
+            {% if db.tls.enabled %} require ssl {% endif %};"
         - name: cinder-db-sync
           files:
             - cinder-conf
diff --git a/service/files/cinder.conf.j2 b/service/files/cinder.conf.j2
index 5b04ac0..83aad66 100644
--- a/service/files/cinder.conf.j2
+++ b/service/files/cinder.conf.j2
@@ -24,7 +24,7 @@ glance_catalog_info = image:glance:internalURL
 auth_strategy = keystone
 
 [database]
-connection = mysql+pymysql://{{ cinder.db.username }}:{{ cinder.db.password }}@{{ address(service.database) }}/{{ cinder.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
+connection = mysql+pymysql://{{ cinder.db.username }}:{{ cinder.db.password }}@{{ address(service.database) }}/{{ cinder.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
 max_retries = -1
 
 {{ keystone_authtoken.keystone_authtoken(cinder.username, cinder.password) }}