diff --git a/doc/source/configure-haproxy.rst b/doc/source/configure-haproxy.rst
index fbc84f9..2d4ce93 100644
--- a/doc/source/configure-haproxy.rst
+++ b/doc/source/configure-haproxy.rst
@@ -166,6 +166,11 @@ An example HTTP service could look like:
 haproxy_ssl: "{{ haproxy_ssl }}"
 haproxy_port: 10000
 haproxy_balance_type: http
+ # If backend connections should be secured with SSL (default False)
+ haproxy_backend_ssl: True
+ haproxy_backend_ca: /path/to/ca/cert.pem
+ # Or if certificate validation should be disabled
+ # haproxy_backend_ca: False
 Additionally, you can specify haproxy services that are not managed in the Ansible inventory by manually specifying their hostnames/IP Addresses:
diff --git a/templates/service.j2 b/templates/service.j2
index 243a635..1af3c58 100644
--- a/templates/service.j2
+++ b/templates/service.j2
@@ -115,6 +115,15 @@ backend {{ item.service.haproxy_service_name }}-back
 {% set _ = entry.append(item.service.haproxy_backend_nodes | count | string) %}
 {% set _ = entry.append("fall") %}
 {% set _ = entry.append(item.service.haproxy_backend_nodes | count | string) %}
+{% if item.service.haproxy_backend_ssl | default(False) %}
+{% set _ = entry.append("ssl") %}
+{% if item.service.haproxy_backend_ca %}
+{% set _ = entry.append("ca-file") %}
+{% set _ = entry.append(item.service.haproxy_backend_ca) %}
+{% else %}
+{% set _ = entry.append("verify none") %}
+{% endif %}
+{% endif %}
 {{ entry | join(' ') }}
 {% endfor %}
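Review bot: The `{% else %}` branch in the added block turns any falsy or absent `haproxy_backend_ca` into `verify none`, so a service that sets `haproxy_backend_ssl: True` and merely forgets the CA path gets TLS to the backend with certificate validation silently disabled; disabling verification should be an explicit opt-out, never the fallback. Whether an undefined `haproxy_backend_ca` raises under Ansible's undefined handling or just evaluates false in `{% if item.service.haproxy_backend_ca %}` is not visible from the hunk, so the template should not depend on it: resolve the value once with `| mandatory`, which fails the render when the key is missing while still accepting an explicit `False`, and branch on that. The same nine lines are added verbatim for the backup nodes in the `@@ -136,5 +145,14 @@` hunk and need the same change. The enclosing `{% for %}` loop that builds `entry` starts outside the hunk.
```jinja
{% if item.service.haproxy_backend_ssl | default(False) %}
{% set _ = entry.append("ssl") %}
{# Verification is only disabled on an explicit haproxy_backend_ca: False; a missing key fails the render #}
{% set _backend_ca = item.service.haproxy_backend_ca | mandatory %}
{% if _backend_ca %}
{% set _ = entry.append("ca-file") %}
{% set _ = entry.append(_backend_ca) %}
{% else %}
{% set _ = entry.append("verify none") %}
{% endif %}
{% endif %}
```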
@@ -136,5 +145,14 @@ backend {{ item.service.haproxy_service_name }}-back
 {% set _ = entry.append("fall") %}
 {% set _ = entry.append(item.service.haproxy_backup_nodes | count | string) %}
 {% set _ = entry.append("backup") %}
+{% if item.service.haproxy_backend_ssl | default(False) %}
+{% set _ = entry.append("ssl") %}
+{% if item.service.haproxy_backend_ca %}
+{% set _ = entry.append("ca-file") %}
+{% set _ = entry.append(item.service.haproxy_backend_ca) %}
+{% else %}
+{% set _ = entry.append("verify none") %}
+{% endif %}
+{% endif %}
 {{ entry | join(' ') }}
 {% endfor %}
diff --git a/tests/test-vars.yml b/tests/test-vars.yml
index e22fb46..bf929b0 100644
--- a/tests/test-vars.yml
+++ b/tests/test-vars.yml
@@ -22,3 +22,12 @@ haproxy_service_configs:
 haproxy_balance_type: tcp
 haproxy_backend_options:
 - tcp-check
+ - service:
+ haproxy_service_name: test_backend_ssl
+ haproxy_backend_nodes: "{{ groups['haproxy_all'] | default([]) }}"
+ haproxy_port: 8180
+ haproxy_backend_port: 443
+ haproxy_backend_ssl: True
+ haproxy_backend_ca: False
+ haproxy_ssl: False
+ haproxy_balance_type: http
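Review bot: The nine lines added here are a byte-for-byte copy of the block added to the primary-node loop in the `@@ -115,6 +115,15 @@` hunk, so the two will drift the next time the backend TLS options change; the fail-open `verify none` fallback raised on that hunk applies here unchanged. Since `entry` is the same mutable list in both loops, a single `{% macro backend_ssl_options(service, entry) %}` defined once in this template and called from both places would keep the two code paths identical. The `{% for %}` over `haproxy_backup_nodes` that this sits in starts outside the hunk.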
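Review bot: The new `test_backend_ssl` service only exercises the `haproxy_backend_ca: False` path, so the rendered fixture covers `ssl verify none` but never the `ca-file` branch, which is the configuration the documentation hunk presents as the normal one; add a second service (or switch this one) with `haproxy_backend_ca` pointing at a certificate file present on the test host, e.g. `haproxy_backend_ca: /path/to/test-ca.pem` (placeholder), so a wrong keyword in the `ca-file` branch fails in CI rather than on a deployed load balancer. A short comment on the entry, such as `# backend TLS with verification deliberately disabled; exercises the verify-none branch`, would make the intent of `haproxy_backend_ca: False` clear to the next reader.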