diff --git a/docs/rolereference.rst b/docs/rolereference.rst
index 3f615130c496005415e109259a0c6412a5879741..6d5e4e82def12dfcff9c6a1dda0954db81a790a7 100644
--- a/docs/rolereference.rst
+++ b/docs/rolereference.rst
@@ -809,6 +809,7 @@ Distribution compatibility Role is compatible with the following distributions: - Debian 10 (Buster)
+- Debian 11 (Bullseye)
 Examples
diff --git a/roles/ldap_server/meta/main.yml b/roles/ldap_server/meta/main.yml
index 97ade01ddb6d6645835f6eca37d937eb66fd4fd1..8ed933cc940deb65f3b8485f203ddb325c62676c 100644
--- a/roles/ldap_server/meta/main.yml
+++ b/roles/ldap_server/meta/main.yml
@@ -18,3 +18,4 @@ galaxy_info: - name: Debian versions: - 10
+ - 11
diff --git a/roles/ldap_server/molecule/default/molecule.yml b/roles/ldap_server/molecule/default/molecule.yml
index ffd50944fb7d224a92c60362524c29eb44a8a9ae..0f26fe449cebb8985945217d2abb374f5c9eabca 100644
--- a/roles/ldap_server/molecule/default/molecule.yml
+++ b/roles/ldap_server/molecule/default/molecule.yml
@@ -49,6 +49,31 @@ platforms: network_name: private_network type: static
+ - name: parameters-mandatory-bullseye
+ groups:
+ - parameters-mandatory
+ box: debian/bullseye64
+ memory: 256
+ cpus: 1
+ interfaces:
+ - auto_config: true
+ ip: 192.168.56.31
+ network_name: private_network
+ type: static
+
+ - name: parameters-optional-bullseye
+ groups:
+ - parameters-optional
+ - backup-server
+ box: debian/bullseye64
+ memory: 256
+ cpus: 1
+ interfaces:
+ - auto_config: true
+ ip: 192.168.56.32
+ network_name: private_network
+ type: static
+
 provisioner: name: ansible playbooks:
diff --git a/roles/ldap_server/molecule/default/prepare.yml b/roles/ldap_server/molecule/default/prepare.yml
index 5ac944ac6dcbe6116b82e06f1a9c84f85c47ec69..3cd54b166a03f8cf3e9dd6bef116ea0d1c964f81 100644
--- a/roles/ldap_server/molecule/default/prepare.yml
+++ b/roles/ldap_server/molecule/default/prepare.yml
@@ -27,6 +27,10 @@ fqdn: parameters-mandatory - name: parameters-optional-buster_ldap fqdn: parameters-optional
+ - name: parameters-mandatory-bullseye_ldap
+ fqdn: parameters-mandatory
+ - name: parameters-optional-bullseye_ldap
+ fqdn: parameters-optional
 - name: Set-up link to generated X.509 material file:
@@ -81,6 +85,8 @@ with_dict: 192.168.56.21: parameters-mandatory-buster 192.168.56.22: parameters-optional-buster
+ 192.168.56.31: parameters-mandatory-bullseye
+ 192.168.56.32: parameters-optional-bullseye
 - hosts: parameters-optional become: true
diff --git a/roles/ldap_server/molecule/default/tests/test_default.py b/roles/ldap_server/molecule/default/tests/test_default.py
index 25bda565afaf2da80959cb302951eee9a9c0ff98..7e72f017534511049532f96e942ec198a9fc318e 100644
--- a/roles/ldap_server/molecule/default/tests/test_default.py
+++ b/roles/ldap_server/molecule/default/tests/test_default.py
@@ -251,3 +251,36 @@ def test_ldap_server_dh_parameter_file(host): dhparam_info = host.run("openssl dhparam -noout -text -in %s", dhparam_file_path) assert "DH Parameters: (2048 bit)" in dhparam_info.stdout
+
+
+def test_ldap_server_uses_correct_dh_parameters(host):
+ """
+ Tests if the LDAP server uses the generated Diffie-Hellman
+ parameter.
+ """
+
+ # Technically we should be testing here against deployed DH
+ # parameters file, however... When linked against GnuTLS, slapd
+ # seems to only take into account the size of pointed-to DH
+ # parameters, and then picks one of the parameters from the
+ # RFC-7919 (https://www.ietf.org/rfc/rfc7919.txt)
+ # instead. Therefore we list here the 2048-bit DH parameter from
+ # the RFC instead.
+ expected_dhparam = """-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
+-----END DH PARAMETERS-----"""
+
+ connection = host.run("gnutls-cli --no-ca-verification --starttls-proto=ldap --port 389 "
+ "--priority 'NONE:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA384:+DHE-RSA:+SHA384:+AEAD:+AES-256-GCM' --verbose localhost")
+
+ output = connection.stdout
+ begin_marker = "-----BEGIN DH PARAMETERS-----"
+ end_marker = "-----END DH PARAMETERS-----"
+ used_dhparam = output[output.find(begin_marker):output.find(end_marker) + len(end_marker)]
+
+ assert used_dhparam == expected_dhparam
diff --git a/roles/ldap_server/molecule/default/tests/test_default_buster.py b/roles/ldap_server/molecule/default/tests/test_default_buster.py
deleted file mode 100644
index 26b4849d28bb452875507fb344f352ea20d7cef3..0000000000000000000000000000000000000000
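Review bot: `used_dhparam` is sliced from two `output.find()` results that are never checked, so when gnutls-cli fails to negotiate or prints no DH block both finds return -1, the slice `output[-1:-1 + len(end_marker)]` yields an arbitrary fragment, and the assertion fails with a message that hides the real cause; the command's exit status is not checked either. Add `assert connection.rc == 0, connection.stderr` right after the `host.run` call and `assert begin_marker in output and end_marker in output, output` before the slice. The `--priority` string deliberately pins TLS 1.2 with DHE-RSA so that a finite-field DH exchange happens at all; a comment such as `# Force TLS 1.2 + DHE-RSA so the negotiated DH group is printed and can be compared` would stop a later reader from loosening it and silently emptying the check. Moving the test out of the buster-only module presumably makes it run on every host the module targets, including the new bullseye boxes, so the docstring should state that the expected RFC 7919 group is the same on both releases.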
--- a/roles/ldap_server/molecule/default/tests/test_default_buster.py
+++ /dev/null
@@ -1,40 +0,0 @@
-import os
-
-import testinfra.utils.ansible_runner
-
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
- os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-*-buster')
-
-
-def test_ldap_server_uses_correct_dh_parameters(host):
- """
- Tests if the LDAP server uses the generated Diffie-Hellman
- parameter.
- """
-
- # Technically we should be testing here against deployed DH
- # parameters file, however... When linked against GnuTLS, slapd
- # seems to only take into account the size of pointed-to DH
- # parameters, and then picks one of the parameters from the
- # RFC-7919 (https://www.ietf.org/rfc/rfc7919.txt)
- # instead. Therefore we list here the 2048-bit DH parameter from
- # the RFC instead.
- expected_dhparam = """-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
-+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
-87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
-YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
-7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
-ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
------END DH PARAMETERS-----"""
-
- connection = host.run("gnutls-cli --no-ca-verification --starttls-proto=ldap --port 389 "
- "--priority 'NONE:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA384:+DHE-RSA:+SHA384:+AEAD:+AES-256-GCM' --verbose localhost")
-
- output = connection.stdout
- begin_marker = "-----BEGIN DH PARAMETERS-----"
- end_marker = "-----END DH PARAMETERS-----"
- used_dhparam = output[output.find(begin_marker):output.find(end_marker) + len(end_marker)]
-
- assert used_dhparam == expected_dhparam