diff --git a/installer/inventory b/installer/inventory
index 39e8b6b433..4f056499e5 100644
--- a/installer/inventory
+++ b/installer/inventory
@@ -31,6 +31,7 @@ dockerhub_base=ansible
 # The example below shows an annotation to be used with Traefik but other Ingress controllers are also supported.
 #kubernetes_ingress_hostname=awx.example.org
 #kubernetes_ingress_annotations={'kubernetes.io/ingress.class': 'traefik', 'traefik.ingress.kubernetes.io/redirect-entry-point': 'https'}
+#kubernetes_ingress_tls_secret=awx-cert
 
 # Kubernetes and Openshift Install Resource Requests
 # These are the request and limit values for a pod's container for task/web/rabbitmq/memcached/management.
diff --git a/installer/roles/kubernetes/templates/deployment.yml.j2 b/installer/roles/kubernetes/templates/deployment.yml.j2
index 8e9f234c20..dfb76cbc7b 100644
--- a/installer/roles/kubernetes/templates/deployment.yml.j2
+++ b/installer/roles/kubernetes/templates/deployment.yml.j2
@@ -433,6 +433,12 @@ metadata:
 {% endfor %}
 
 spec:
+{% if kubernetes_ingress_tls_secret is defined %}
+  tls:
+  - hosts:
+    - {{ kubernetes_ingress_hostname }}
+    secretName: {{ kubernetes_ingress_tls_secret }}
+{% endif %}
   rules:
   - host: {{ kubernetes_ingress_hostname }}
     http: