diff --git a/defaults/main.yml b/defaults/main.yml
index 68e5c6b6..0ebe430b 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -122,6 +122,8 @@ nova_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}"
 nova_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
 nova_oslomsg_rpc_userid: nova
 nova_oslomsg_rpc_vhost: /nova
+nova_oslomsg_rpc_ssl_version: "{{ oslomsg_rpc_ssl_version | default('TLSv1_2') }}"
+nova_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}"
 
 # Notify
 nova_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
@@ -133,6 +135,8 @@ nova_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}"
 nova_oslomsg_notify_userid: "{{ nova_oslomsg_rpc_userid }}"
 nova_oslomsg_notify_password: "{{ nova_oslomsg_rpc_password }}"
 nova_oslomsg_notify_vhost: "{{ nova_oslomsg_rpc_vhost }}"
+nova_oslomsg_notify_ssl_version: "{{ oslomsg_notify_ssl_version | default('TLSv1_2') }}"
+nova_oslomsg_notify_ssl_ca_file: "{{ oslomsg_notify_ssl_ca_file | default('') }}"
 
 ## Qdrouterd info
 # TODO(ansmith): Change structure when more backends will be supported
diff --git a/templates/nova.conf.j2 b/templates/nova.conf.j2
index 7120c05c..a71fd2c7 100644
--- a/templates/nova.conf.j2
+++ b/templates/nova.conf.j2
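Review bot: `nova_oslomsg_rpc_ssl_ca_file` in defaults/main.yml defaults to an empty string, so a deployment that only sets `nova_oslomsg_rpc_use_ssl` gets TLS with no CA bundle configured. As far as I know, oslo.messaging's rabbit driver only enforces server-certificate verification when a CA file is given; this should be confirmed. The same default is used for `nova_oslomsg_notify_ssl_ca_file` in the `@@ -133,6 +135,8 @@` hunk. I would document this above both pairs, e.g. `# CA bundle used to verify the RabbitMQ server certificate; set this whenever use_ssl is enabled`. It is also worth a comment that `TLSv1_2` appears to select one protocol version rather than a minimum, so TLS 1.3 would not be negotiated.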
@@ -30,7 +30,7 @@ key = {{ nova_console_ssl_key }}
 enabled_apis = {{ nova_enabled_apis }}
 
 # Rpc all
-transport_url = {{ nova_oslomsg_rpc_transport }}://{% for host in nova_oslomsg_rpc_servers.split(',') %}{{ nova_oslomsg_rpc_userid }}:{{ nova_oslomsg_rpc_password }}@{{ host }}:{{ nova_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ nova_oslomsg_rpc_vhost }}{% if nova_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
+transport_url = {{ nova_oslomsg_rpc_transport }}://{% for host in nova_oslomsg_rpc_servers.split(',') %}{{ nova_oslomsg_rpc_userid }}:{{ nova_oslomsg_rpc_password }}@{{ host }}:{{ nova_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ nova_oslomsg_rpc_vhost }}{% if nova_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ nova_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ nova_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
 
 # Network
 my_ip = {% if nova_management_address == 'localhost' %}127.0.0.1{% else %}{{ nova_management_address }}{% endif %}
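Review bot: The new query string on the rpc `transport_url` line always writes `&ssl_ca_file=`, even when the variable is left at its empty default, and both new values are placed in the URL unencoded, so a CA path containing `&`, `#` or a space would corrupt the URL. I would emit the parameter only when it is set and encode it: `{% if nova_oslomsg_rpc_ssl_ca_file %}&ssl_ca_file={{ nova_oslomsg_rpc_ssl_ca_file | urlencode }}{% endif %}`. The notify `transport_url` in the `@@ -55,8 +55,7 @@` hunk is built the same way and needs the same change with the notify variables. With the `[oslo_messaging_rabbit]` section removed in the last hunk, this query string is the only place the template renders the TLS settings, so a malformed value here has no config-file option behind it.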
@@ -55,8 +55,7 @@ instance_usage_audit_period = hour {% endif %} topics = {{ notification_topics | join(',') }} driver = {{ (notification_topics | length > 0) | ternary('messagingv2', 'noop') }} -transport_url = {{ nova_oslomsg_notify_transport }}://{% for host in nova_oslomsg_notify_servers.split(',') %}{{ nova_oslomsg_notify_userid }}:{{ nova_oslomsg_notify_password }}@{{ host }}:{{ nova_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ nova_oslomsg_notify_vhost }}{% if nova_oslomsg_notify_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} - +transport_url = {{ nova_oslomsg_notify_transport }}://{% for host in nova_oslomsg_notify_servers.split(',') %}{{ nova_oslomsg_notify_userid }}:{{ nova_oslomsg_notify_password }}@{{ host }}:{{ nova_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ nova_oslomsg_notify_vhost }}{% if nova_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ nova_oslomsg_notify_ssl_version }}&ssl_ca_file={{ nova_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} # Image cache [image_cache] @@ -206,10 +205,6 @@ pool_timeout = {{ nova_api_db_pool_timeout }} lock_path = {{ nova_lock_path }} -[oslo_messaging_rabbit] -ssl = {{ nova_oslomsg_rpc_use_ssl }} - - {% if nova_virt_type == 'ironic' %} [ironic] auth_type = {{ nova_keystone_auth_plugin }}