Comment 3 for bug 1408902

Billy. I think I have hit this issue and know what is causing it. Assuming that you are using a single unit of each service affected i.e. keystone, cinder, glance etc, you will be hitting the following:

Endpoint will configure apache to listen on the same port used for haproxy. Result is that apache2 service won't start because it can't bind to that port and so ssl fails. I currently see this for all ssl-enabled services. The problem goes away if you use > 1 unit due to the logic in http://bazaar.launchpad.net/~charm-helpers/charm-helpers/devel/view/head:/charmhelpers/contrib/hahelpers/cluster.py#L189

So, i'll let you confirm this is the cause of your issue before taking this LP but I will fix the above issue in any case since it currently causes non-HA ssl to fail for all services.