diff --git a/docs/testsite.rst b/docs/testsite.rst index 01713fd5b67f2a3925ac4409874d7284699563c7..66ce42675c9a1936967d7f1639944f42b29c7303 100644 --- a/docs/testsite.rst +++ b/docs/testsite.rst @@ -78,5 +78,17 @@ system: 644*), respectively. After that, re-run the ``site.yml`` playbook in order to re-configure OpenLDAP server to use it. +* On ``xmpp.example.com``: + + * Create TLS private key for XMPP in location + ``/etc/ssl/private/xmpp.example.com.pem`` (*root:prosody, 640*). + * Create TLS certificate for XMPP in location + ``/etc/ssl/certs/xmpp.example.com.pem`` (*root:root, 644*). + * Install a truststore that contains the CA certifciate which has issued the + LDAP certificate in location ``/etc/ssl/certs/truststore.pem`` (*root:root, + 644*). + * After all files are in place, re-run the ``site.yml`` playbook in order to + restart necessary services etc. + For more details on how the playbooks and configuration have been implemented, feel free to browse the test site files (in directory ``testsite``). diff --git a/testsite/group_vars/xmpp.yml b/testsite/group_vars/xmpp.yml index 82e70997c868a68c877ad9317557da4b4da4773f..9e61b6193e235b231160c54c85d484aef6f0a54a 100644 --- a/testsite/group_vars/xmpp.yml +++ b/testsite/group_vars/xmpp.yml @@ -1,11 +1,25 @@ --- +ldap_client_config: + - comment: Set the base DN + option: BASE + value: dc=example,dc=com + - comment: Set the default URI + option: URI + value: ldapi:/// + - comment: Set the default bind DN + option: BINDDN + value: cn=admin,dc=example,dc=com + - comment: Set the LDAP TLS truststore + option: TLS_CACERT + value: /etc/ssl/certs/truststore.pem + prosody_administrators: - john.doe@example.com -prosody_tls_key: /etc/prosody/certs/localhost.key +prosody_tls_key: /etc/ssl/private/xmpp.example.com.pem -prosody_tls_certificate: /etc/prosody/certs/localhost.crt +prosody_tls_certificate: /etc/ssl/certs/xmpp.example.com.pem prosody_domains: - example.com 
diff --git a/testsite/playbooks/xmpp.yml b/testsite/playbooks/xmpp.yml index 5b1e3722050cff91cbffd139bf08cf7281befefe..d34017b9ae58e6ca4a400c49bc1fc0d492443662 100644 --- a/testsite/playbooks/xmpp.yml +++ b/testsite/playbooks/xmpp.yml @@ -5,4 +5,5 @@ sudo: yes roles: - common + - ldap_client - prosody
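Review bot: In docs/testsite.rst, the truststore bullet under ``xmpp.example.com`` misspells "certificate" as "certifciate"; please fix it before merging. The last bullet's "restart necessary services etc." is also vague: naming the services that pick up the new key, certificate and truststore would let an operator confirm that they actually restarted. Since the key is documented as *root:prosody, 640*, it may be worth stating that the files are put in place after a first playbook run, when the prosody group can be expected to exist.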
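Review bot: In testsite/group_vars/xmpp.yml, the new ldap_client_config sets URI to ldapi:///, which is the local Unix-socket transport, while the same block sets TLS_CACERT and the docs change has the operator install a truststore for the CA that issued the LDAP certificate. If the directory server does not run on the XMPP host, this default URI will not reach it, and the truststore normally only matters for ldap:// with StartTLS or ldaps:// connections; consider pointing URI at the LDAP server's TLS endpoint instead. Separately, BINDDN defaults to cn=admin,dc=example,dc=com on the XMPP server; a dedicated, lower-privileged DN would be a safer default for a client host, even in a test site.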