diff --git a/manifests/wsgi/apache_api.pp b/manifests/wsgi/apache_api.pp
index be39f7a83..19832dc52 100644
--- a/manifests/wsgi/apache_api.pp
+++ b/manifests/wsgi/apache_api.pp
@@ -110,7 +110,7 @@ class nova::wsgi::apache_api (
   $api_port                    = 8774,
   $bind_host                   = undef,
   $path                        = '/',
-  $ssl                         = true,
+  $ssl                         = undef,
   $workers                     = $::os_workers,
   $ssl_cert                    = undef,
   $ssl_key                     = undef,
@@ -129,10 +129,15 @@ class nova::wsgi::apache_api (
   $vhost_custom_fragment       = undef,
 ) {
 
+  if $ssl == undef {
+    warning('Default of the ssl parameter will be changed in a future release')
+  }
+  $ssl_real = pick($ssl, true)
+
   include nova::params
   include apache
   include apache::mod::wsgi
-  if $ssl {
+  if $ssl_real {
     include apache::mod::ssl
   }
 
@@ -147,7 +152,7 @@ class nova::wsgi::apache_api (
     path                        => $path,
     priority                    => $priority,
     servername                  => $servername,
-    ssl                         => $ssl,
+    ssl                         => $ssl_real,
     ssl_ca                      => $ssl_ca,
     ssl_cert                    => $ssl_cert,
     ssl_certs_dir               => $ssl_certs_dir,
diff --git a/manifests/wsgi/apache_metadata.pp b/manifests/wsgi/apache_metadata.pp
index 144e58bc5..cbb976900 100644
--- a/manifests/wsgi/apache_metadata.pp
+++ b/manifests/wsgi/apache_metadata.pp
@@ -96,7 +96,7 @@ class nova::wsgi::apache_metadata (
   $api_port                    = 8775,
   $bind_host                   = undef,
   $path                        = '/',
-  $ssl                         = true,
+  $ssl                         = undef,
   $workers                     = $::os_workers,
   $ssl_cert                    = undef,
   $ssl_key                     = undef,
@@ -116,10 +116,15 @@ class nova::wsgi::apache_metadata (
   $vhost_custom_fragment       = undef,
 ) {
 
+  if $ssl == undef {
+    warning('Default of the ssl parameter will be changed in a future release')
+  }
+  $ssl_real = pick($ssl, true)
+
   include nova::params
   include apache
   include apache::mod::wsgi
-  if $ssl {
+  if $ssl_real {
     include apache::mod::ssl
   }
 
@@ -142,7 +147,7 @@ class nova::wsgi::apache_metadata (
     path                        => $path,
     priority                    => $priority,
     servername                  => $servername,
-    ssl                         => $ssl,
+    ssl                         => $ssl_real,
     ssl_ca                      => $ssl_ca,
     ssl_cert                    => $ssl_cert,
     ssl_certs_dir               => $ssl_certs_dir,
diff --git a/releasenotes/notes/prepare-to-change-apache-ssl-571d079722b20702.yaml b/releasenotes/notes/prepare-to-change-apache-ssl-571d079722b20702.yaml
new file mode 100644
index 000000000..48afe0141
--- /dev/null
+++ b/releasenotes/notes/prepare-to-change-apache-ssl-571d079722b20702.yaml
@@ -0,0 +1,9 @@
+---
+upgrade:
+  - |
+    Default value of the following two parameters will be changed from
+    ``true`` to ``false`` in a future release. Make sure the parameter is set
+    to the desired value.
+
+    - ``nova::wsgi::apache_api::ssl``
+    - ``nova::wsgi::apache_metadata::ssl``