diff --git a/neutron/Chart.yaml b/neutron/Chart.yaml index 59c59a2f86..4ff6edc12b 100644 --- a/neutron/Chart.yaml +++ b/neutron/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Neutron name: neutron -version: 0.2.24 +version: 0.2.25 home: https://docs.openstack.org/neutron/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png sources: diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index 94c4e1a2d5..d7315d22d0 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -153,6 +153,11 @@ spec: command: - /tmp/neutron-server.sh - start +{{- if or .Values.manifests.certificates .Values.tls.identity }} + env: + - name: REQUESTS_CA_BUNDLE + value: "/etc/neutron/certs/ca.crt" +{{- end }} lifecycle: preStop: exec: @@ -241,7 +246,7 @@ spec: subPath: policy.yaml readOnly: true {{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} -{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.internal "path" "/etc/neutron/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} +{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.network.server.internal "path" "/etc/neutron/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{ if $mounts_neutron_server.volumeMounts }}{{ toYaml $mounts_neutron_server.volumeMounts | indent 12 }}{{ end }} volumes: 
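Review bot: The `REQUESTS_CA_BUNDLE` entry added to the neutron-server container has no comment explaining that it replaces, rather than extends, the CA bundle used by python-requests. Once either flag is set, every HTTPS endpoint the server reaches through that library must chain to the CA in `/etc/neutron/certs/ca.crt`. The condition also covers `manifests.certificates`, so existing TLS deployments pick up the override too, not only the new `tls.identity` mode. I would add a template comment above the `env:` block such as `{{- /* REQUESTS_CA_BUNDLE overrides the default CA bundle; ca.crt must be present in the mounted TLS secret */}}`. The container spec continues outside the hunk, so I cannot tell whether another `env:` key already exists further down.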
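Review bot: With only `tls.identity` set, the volume mount at `/etc/neutron/certs` exposes the whole secret named by `secrets.tls.network.server.internal`, although the environment variable added earlier in this file reads only `ca.crt` from that path. If that secret also carries the server's private key, the identity-only mode hands key material to a pod that needs just a CA certificate; this is an assumption, because the `tls_volume_mount` helper is not visible here. Consider pointing the identity-only case at a CA-only secret, or projecting only the `ca.crt` item. The same applies to the matching `tls_volume` change in the next hunk of this file.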
@@ -266,7 +271,7 @@ spec: emptyDir: {} {{- end }} {{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }} -{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }} +{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.network.server.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }} {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }} {{ if $mounts_neutron_server.volumes }}{{ toYaml $mounts_neutron_server.volumes | indent 8 }}{{ end }} {{- end }} diff --git a/neutron/templates/job-bootstrap.yaml b/neutron/templates/job-bootstrap.yaml index 3a3faba077..ff9dbe8f44 100644 --- a/neutron/templates/job-bootstrap.yaml +++ b/neutron/templates/job-bootstrap.yaml @@ -19,7 +19,7 @@ helm.sh/hook-weight: "5" {{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }} {{- $bootstrapJob := dict "envAll" . "serviceName" "neutron" "keystoneUser" .Values.bootstrap.ks_user "logConfigFile" .Values.conf.neutron.DEFAULT.log_config_append -}} -{{- if .Values.manifests.certificates -}} +{{- if or .Values.manifests.certificates .Values.tls.identity -}} {{- $_ := set $bootstrapJob "tlsSecret" .Values.secrets.tls.network.server.internal -}} {{- end -}} {{- if .Values.helm3_hook }} diff --git a/neutron/templates/job-ks-endpoints.yaml b/neutron/templates/job-ks-endpoints.yaml index 39b9387f55..ec76b71dd2 100644 --- a/neutron/templates/job-ks-endpoints.yaml +++ b/neutron/templates/job-ks-endpoints.yaml 
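Review bot: Setting `tlsSecret` in job-bootstrap.yaml when `tls.identity` is true but `manifests.certificates` is false assumes the secret named by `secrets.tls.network.server.internal` already exists, and nothing in this change documents or checks that. If the chart creates that secret only through the certificates manifest (not visible here), the bootstrap job would reference a missing secret and stay pending instead of failing with a clear message. I would state the precondition next to the condition, for example `{{- /* tls.identity: the TLS secret must be pre-provisioned and contain ca.crt */}}`, and repeat it in values.yaml. The same condition is repeated in job-ks-endpoints.yaml, job-ks-service.yaml and job-ks-user.yaml.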
@@ -19,7 +19,7 @@ helm.sh/hook-weight: "-2" {{- if .Values.manifests.job_ks_endpoints }} {{- $ksEndpointsJob := dict "envAll" . "serviceName" "neutron" "serviceTypes" ( tuple "network" ) -}} -{{- if .Values.manifests.certificates -}} +{{- if or .Values.manifests.certificates .Values.tls.identity -}} {{- $_ := set $ksEndpointsJob "tlsSecret" .Values.secrets.tls.network.server.internal -}} {{- end -}} {{- if .Values.helm3_hook }} diff --git a/neutron/templates/job-ks-service.yaml b/neutron/templates/job-ks-service.yaml index 84fb56d4c6..e4225c6e6d 100644 --- a/neutron/templates/job-ks-service.yaml +++ b/neutron/templates/job-ks-service.yaml @@ -19,7 +19,7 @@ helm.sh/hook-weight: "-3" {{- if .Values.manifests.job_ks_service }} {{- $ksServiceJob := dict "envAll" . "serviceName" "neutron" "serviceTypes" ( tuple "network" ) -}} -{{- if .Values.manifests.certificates -}} +{{- if or .Values.manifests.certificates .Values.tls.identity -}} {{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.network.server.internal -}} {{- end -}} {{- if .Values.helm3_hook }} diff --git a/neutron/templates/job-ks-user.yaml b/neutron/templates/job-ks-user.yaml index 80a19bc92d..563ba7baf1 100644 --- a/neutron/templates/job-ks-user.yaml +++ b/neutron/templates/job-ks-user.yaml @@ -19,7 +19,7 @@ helm.sh/hook-weight: "-1" {{- if .Values.manifests.job_ks_user }} {{- $ksUserJob := dict "envAll" . "serviceName" "neutron" -}} -{{- if .Values.manifests.certificates -}} +{{- if or .Values.manifests.certificates .Values.tls.identity -}} {{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.network.server.internal -}} {{- end -}} {{- if .Values.helm3_hook }} diff --git a/neutron/values.yaml b/neutron/values.yaml index ee417bb072..843c5ad945 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -2544,6 +2544,11 @@ health_probe: logging: level: ERROR +tls: + identity: false + oslo_messaging: false + oslo_db: false + manifests: certificates: false configmap_bin: true 
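Review bot: `tls.oslo_messaging` and `tls.oslo_db` are added to values.yaml, but no template in this change reads them; the database and RabbitMQ TLS volumes in deployment-server.yaml are still gated on `manifests.certificates` alone. An operator who sets `tls.oslo_db: true` could reasonably believe database connections now use TLS when nothing has changed. Either drop the two keys until they are wired up, or mark them with a comment such as `# oslo_messaging / oslo_db: reserved, not yet consumed by any template`. A one-line comment on `identity` saying what it enables (the CA bundle variable and the certificate mount for Keystone clients) would also help.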
diff --git a/neutron/values_overrides/tls-offloading.yaml b/neutron/values_overrides/tls-offloading.yaml new file mode 100644 index 0000000000..8b36a23ac6 --- /dev/null +++ b/neutron/values_overrides/tls-offloading.yaml @@ -0,0 +1,14 @@ +--- +endpoints: + identity: + auth: + admin: + cacert: /etc/ssl/certs/openstack-helm.crt + neutron: + cacert: /etc/ssl/certs/openstack-helm.crt + test: + cacert: /etc/ssl/certs/openstack-helm.crt + +tls: + identity: true +... diff --git a/releasenotes/notes/neutron.yaml b/releasenotes/notes/neutron.yaml index 014e457685..634cb03784 100644 --- a/releasenotes/notes/neutron.yaml +++ b/releasenotes/notes/neutron.yaml @@ -38,4 +38,5 @@ neutron: - 0.2.22 Fix /run/xtables.lock may be a directory - 0.2.23 Add neutron_netns_cleanup_cron release image override, so that the respective release image is used - 0.2.24 Added OCI registry authentication + - 0.2.25 Support TLS endpoints ...
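Review bot: The new tls-offloading.yaml override sets every Keystone `cacert` to `/etc/ssl/certs/openstack-helm.crt`, while the deployment change in this commit mounts the CA under `/etc/neutron/certs` and points `REQUESTS_CA_BUNDLE` at `/etc/neutron/certs/ca.crt`. Nothing visible in this change places a file at `/etc/ssl/certs/openstack-helm.crt`, so unless the image or another mount supplies it, clients configured with this `cacert` would fail certificate verification. I would either use the mounted path here, `cacert: /etc/neutron/certs/ca.crt`, or add a comment at the top of the file stating which image layer or mount provides that bundle.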