diff --git a/manifests/ironic.pp b/manifests/ironic.pp
index 0d64db0cd..7ea4e43d1 100644
--- a/manifests/ironic.pp
+++ b/manifests/ironic.pp
@@ -12,10 +12,20 @@ class openstack_integration::ironic (
   include openstack_integration::params
 
   if $::openstack_integration::config::ssl {
+    if $facts['os']['family'] != 'RedHat' {
+      # TODO(tkajinam): ironic-inspector can enable ssl with use_ssl and
+      #                 ssl options from oslo.service
+      fail('ssl is supported only in CentOS and RHEL')
+    }
+
     openstack_integration::ssl_key { 'ironic':
       notify  => Service['httpd'],
       require => Package['ironic-common'],
     }
+    openstack_integration::ssl_key { 'ironic-inspector':
+      notify  => Service['httpd'],
+      require => Package['ironic-inspector'],
+    }
     Exec['update-ca-certificates'] ~> Service['httpd']
   }
 
@@ -78,13 +88,6 @@ class openstack_integration::ironic (
     memcached_servers            => $::openstack_integration::config::memcached_servers,
     service_token_roles_required => true,
   }
-  class { 'ironic::keystone::auth_inspector':
-    public_url   => "http://${::openstack_integration::config::ip_for_url}:5050",
-    internal_url => "http://${::openstack_integration::config::ip_for_url}:5050",
-    admin_url    => "http://${::openstack_integration::config::ip_for_url}:5050",
-    roles        => ['admin', 'service'],
-    password     => 'a_big_secret',
-  }
   class { 'ironic::client': }
   class { 'ironic::api':
     service_name => 'httpd',
@@ -107,8 +110,13 @@ class openstack_integration::ironic (
     enabled_vendor_interfaces     => ['fake', 'ipmitool', 'no-vendor'],
   }
   class { 'ironic::drivers::ipmi': }
-
-  # Ironic inspector resources
+  class { 'ironic::keystone::auth_inspector':
+    public_url   => "${::openstack_integration::config::base_url}:5050",
+    internal_url => "${::openstack_integration::config::base_url}:5050",
+    admin_url    => "${::openstack_integration::config::base_url}:5050",
+    roles        => ['admin', 'service'],
+    password     => 'a_big_secret',
+  }
   class { 'ironic::inspector::db::mysql':
     charset  => $::openstack_integration::params::mysql_charset,
     collate  => $::openstack_integration::params::mysql_collate,
@@ -143,6 +151,19 @@ class openstack_integration::ironic (
     password => 'a_big_secret',
     auth_url => "${::openstack_integration::config::keystone_auth_uri}/v3",
   }
+
+  if $facts['os']['family'] == 'RedHat' {
+    class { 'ironic::inspector::wsgi::apache':
+      bind_host => $::openstack_integration::config::host,
+      ssl       => $::openstack_integration::config::ssl,
+      ssl_key   => "/etc/ironic-inspector/ssl/private/${facts['networking']['fqdn']}.pem",
+      ssl_cert  => $::openstack_integration::params::cert_path,
+      workers   => 2,
+    }
+    $standalone = false
+  } else {
+    $standalone = true
+  }
   class { 'ironic::inspector':
     listen_address        => $::openstack_integration::config::host,
     default_transport_url => os_transport_url({
@@ -153,6 +174,8 @@ class openstack_integration::ironic (
       'password'  => 'an_even_bigger_secret',
     }),
     rabbit_use_ssl        => $::openstack_integration::config::ssl,
+    standalone            => $standalone,
     dnsmasq_interface     => 'eth0',
   }
+  class { 'ironic::inspector::client': }
 }