diff --git a/octavia/certificates/manager/castellan_mgr.py b/octavia/certificates/manager/castellan_mgr.py
index cfe592586f..37d67fd99e 100644
--- a/octavia/certificates/manager/castellan_mgr.py
+++ b/octavia/certificates/manager/castellan_mgr.py
@@ -19,12 +19,15 @@ Cert manager implementation for Castellan
 from castellan.common.objects import opaque_data
 from castellan import key_manager
 from OpenSSL import crypto
+from oslo_config import cfg
 from oslo_log import log as logging
 
 from octavia.certificates.common import pkcs12
 from octavia.certificates.manager import cert_mgr
 from octavia.common import exceptions
 
+CONF = cfg.CONF
+
 LOG = logging.getLogger(__name__)
 
 
@@ -33,7 +36,7 @@ class CastellanCertManager(cert_mgr.CertManager):
 
     def __init__(self):
         super().__init__()
-        self.manager = key_manager.API()
+        self.manager = key_manager.API(CONF)
 
     def store_cert(self, context, certificate, private_key, intermediates=None,
                    private_key_passphrase=None, expiration=None,
diff --git a/releasenotes/notes/octavia_castellan_config-995e65f129e3e983.yaml b/releasenotes/notes/octavia_castellan_config-995e65f129e3e983.yaml
new file mode 100644
index 0000000000..5f5f4d1f1f
--- /dev/null
+++ b/releasenotes/notes/octavia_castellan_config-995e65f129e3e983.yaml
@@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    Usage of ``castellan_cert_manager`` as cert_manager has been significantly
+    improved. Now you can define configuration options for castellan in
+    octavia.conf and they will be passed properly to castellan beckend. This
+    allows to use allowed castellan backends as for certificate storage.