diff --git a/salt/common/init.sls b/salt/common/init.sls
index 9f3ee98cb..baf60a939 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -146,6 +146,9 @@ so-telegraf:
       - /proc:/host/proc:ro
       - /nsm:/host/nsm:ro
       - /etc:/host/etc:ro
+      - /etc/pki/ca.crt:/etc/telegraf/ca.crt:ro
+      - /etc/pki/influxdb.crt:/etc/telegraf/telegraf.crt:ro
+      - /etc/pki/influxdb.key:/etc/telegraf/telegraf.key:ro
 
 # If its a master or eval lets install the back end for now
 {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' %}
diff --git a/salt/common/telegraf/etc/telegraf.conf b/salt/common/telegraf/etc/telegraf.conf
index 323efd0c2..e3fb6eb6c 100644
--- a/salt/common/telegraf/etc/telegraf.conf
+++ b/salt/common/telegraf/etc/telegraf.conf
@@ -123,9 +123,9 @@
   # udp_payload = "512B"
 
   ## Optional TLS Config for use on HTTP connections.
-  # tls_ca = "/etc/telegraf/ca.pem"
-  # tls_cert = "/etc/telegraf/cert.pem"
-  # tls_key = "/etc/telegraf/key.pem"
+   tls_ca = "/etc/telegraf/ca.crt"
+   tls_cert = "/etc/telegraf/telegraf.crt"
+   tls_key = "/etc/telegraf/telegraf.key"
   ## Use TLS but skip chain & host verification
   # insecure_skip_verify = false