diff --git a/releasenotes/notes/tempest.yaml b/releasenotes/notes/tempest.yaml
index 714064fd26..243f85b382 100644
--- a/releasenotes/notes/tempest.yaml
+++ b/releasenotes/notes/tempest.yaml
@@ -8,4 +8,5 @@ tempest:
   - 0.2.3 Fix logging config
   - 0.2.4 Update default image values to Wallaby
   - 0.2.5 Added OCI registry authentication
+  - 0.2.6 Support SSL openstack endpoints
 ...
diff --git a/tempest/Chart.yaml b/tempest/Chart.yaml
index b1dde92c1b..56c4ce4723 100644
--- a/tempest/Chart.yaml
+++ b/tempest/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Tempest
 name: tempest
-version: 0.2.5
+version: 0.2.6
 home: https://docs.openstack.org/tempest/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/tempest/OpenStack_Project_tempest_vertical.png
 sources:
diff --git a/tempest/templates/job-ks-user.yaml b/tempest/templates/job-ks-user.yaml
index ae8f774997..4537d5a536 100644
--- a/tempest/templates/job-ks-user.yaml
+++ b/tempest/templates/job-ks-user.yaml
@@ -23,5 +23,8 @@ helm.sh/hook-weight: "-1"
 {{- if .Values.helm3_hook }}
 {{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml) -}}
 {{- end }}
+{{- if or .Values.manifests.certificates .Values.tls.identity -}}
+{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.identity.api.internal -}}
+{{- end -}}
 {{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
 {{- end }}
diff --git a/tempest/templates/job-run-tests.yaml b/tempest/templates/job-run-tests.yaml
index abacad1325..fc37523553 100644
--- a/tempest/templates/job-run-tests.yaml
+++ b/tempest/templates/job-run-tests.yaml
@@ -61,6 +61,10 @@ spec:
           command:
             - /tmp/run-tests.sh
           env:
+{{- if or .Values.manifests.certificates .Values.tls.identity }}
+            - name: REQUESTS_CA_BUNDLE
+              value: "/etc/tempest/certs/ca.crt"
+{{- end }}
 {{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
 {{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
 {{- end }}
@@ -95,6 +99,7 @@ spec:
 {{- end }}
             - name: tempest-reports
               mountPath: /var/lib/tempest/data
+{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.identity.api.internal "path" "/etc/tempest/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
       volumes:
         - name: pod-tmp
           emptyDir: {}
@@ -115,4 +120,5 @@ spec:
           persistentVolumeClaim:
             claimName: {{ .Values.pvc.name }}
         {{- end }}
+{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.identity.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
 {{- end }}
diff --git a/tempest/values.yaml b/tempest/values.yaml
index 5a6a2e5de2..abe5c2085a 100644
--- a/tempest/values.yaml
+++ b/tempest/values.yaml
@@ -269,6 +269,11 @@ secrets:
     tempest: tempest-keystone-user
   oci_image_registry:
     tempest: tempest-oci-image-registry
+  tls:
+    identity:
+      api:
+        public: keystone-tls-public
+        internal: keystone-tls-api
 
 endpoints:
   cluster_domain_suffix: cluster.local
@@ -351,6 +356,8 @@ endpoints:
     port:
       web:
         default: 80
+tls:
+  identity: false
 
 manifests:
   configmap_bin: true