diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp
index 74b1aa8e..e1c23008 100644
--- a/manifests/loadbalancer.pp
+++ b/manifests/loadbalancer.pp
@@ -871,9 +871,12 @@ class cloud::loadbalancer(
     firewall_settings => $firewall_settings,
   }
   if 'ssl' in $heat_api_bind_options {
-    $heat_api_options = merge($common_tcp_options, {
+    $heat_api_options = {
       'reqadd'         => 'X-Forwarded-Proto:\ https if { ssl_fc }',
-    })
+      'balance'        => 'source',
+      'timeout server' => $api_timeout,
+      'timeout client' => $api_timeout,
+    }
   } else {
     $heat_api_options = $common_tcp_options
   }
@@ -885,9 +888,12 @@ class cloud::loadbalancer(
     firewall_settings => $firewall_settings,
   }
   if 'ssl' in $heat_cfn_bind_options {
-    $heat_cfn_options = merge($common_tcp_options, {
+    $heat_cfn_options = {
       'reqadd'         => 'X-Forwarded-Proto:\ https if { ssl_fc }',
-    })
+      'balance'        => 'source',
+      'timeout server' => $api_timeout,
+      'timeout client' => $api_timeout,
+    }
   } else {
     $heat_cfn_options = $common_tcp_options
   }
@@ -899,9 +905,12 @@ class cloud::loadbalancer(
     firewall_settings => $firewall_settings,
   }
   if 'ssl' in $heat_cloudwatch_bind_options {
-    $heat_cloudwatch_options = merge($common_tcp_options, {
+    $heat_cloudwatch_options = {
       'reqadd'         => 'X-Forwarded-Proto:\ https if { ssl_fc }',
-    })
+      'balance'        => 'source',
+      'timeout server' => $api_timeout,
+      'timeout client' => $api_timeout,
+    }
   } else {
     $heat_cloudwatch_options = $common_tcp_options
   }
diff --git a/spec/classes/cloud_loadbalancer_spec.rb b/spec/classes/cloud_loadbalancer_spec.rb
index 1083af87..488fa3c1 100644
--- a/spec/classes/cloud_loadbalancer_spec.rb
+++ b/spec/classes/cloud_loadbalancer_spec.rb
@@ -527,12 +527,13 @@ describe 'cloud::loadbalancer' do
         :ipaddress => [params[:vip_public_ip]],
         :ports     => '8004',
         :options   => {
-          'mode'           => 'tcp',
-          'reqadd'         => 'X-Forwarded-Proto:\ https if { ssl_fc }',
+          'mode'           => 'http',
           'balance'        => 'source',
-          'option'         => ['tcpka', 'tcplog', 'forwardfor'],
+          'option'         => ['tcpka', 'forwardfor', 'tcplog', 'httpchk'],
+          'reqadd'         => 'X-Forwarded-Proto:\ https if { ssl_fc }',
           'timeout server' => '90m',
-          'timeout client' => '90m'
+          'timeout client' => '90m',
+          'http-check'     => 'expect ! rstatus ^5',
         },
         :bind_options => ['ssl', 'crt']
       )}