diff --git a/testsite/group_vars/mail.yml b/testsite/group_vars/mail.yml
index 0542bc7ba066b8f5114f3c2c5fadd3cc866314b5..8900ddbe3aeeceb953f452f4a47db44af371c1f5 100644
--- a/testsite/group_vars/mail.yml
+++ b/testsite/group_vars/mail.yml
@@ -29,4 +29,10 @@ smtp_allow_relay_from:
   - xmpp.{{ testsite_domain }}
   - web.{{ testsite_domain }}
 
-imap_max_user_connections_per_ip: 50
\ No newline at end of file
+imap_max_user_connections_per_ip: 50
+
+mail_server_tls_protocols:
+  - TLSv1.2
+  - TLSv1.1
+
+mail_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA:!aNULL:!MD5:!EXPORT"
\ No newline at end of file
diff --git a/testsite/group_vars/web.yml b/testsite/group_vars/web.yml
index da0acdc7b2e03a6ecc95a82c62aec672ef611648..2869e56b5e31b5cb9773886193c499aee2bf1a34 100644
--- a/testsite/group_vars/web.yml
+++ b/testsite/group_vars/web.yml
@@ -24,3 +24,9 @@ environment_indicator:
 
 proxy_headers:
   Accept-Encoding: '"gzip"'
+
+web_server_tls_protocols:
+  - TLSv1.2
+  - TLSv1.1
+
+web_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA:!aNULL:!MD5:!EXPORT"
\ No newline at end of file