diff --git a/roles/ldap_server/molecule/default/tests/test_default.py b/roles/ldap_server/molecule/default/tests/test_default.py
index 4b95c6dc7ba4af12d35cc8e9e9b7fb4022d3a6f7..68a00c9031a9b0a3ff15b8d0997ca44a3b3fd78c 100644
--- a/roles/ldap_server/molecule/default/tests/test_default.py
+++ b/roles/ldap_server/molecule/default/tests/test_default.py
@@ -194,3 +194,39 @@ def test_temporary_admin_password_file_not_present(host):
 with host.sudo():
 assert not host.file('/root/.ldap_admin_password').exists
+
+
+def test_ldap_tls_private_key_file(host):
+ """
+ Tests if the TLS private key has been deployed correctly.
+ """
+
+ with host.sudo():
+
+ inventory_hostname = host.ansible.get_variables()['inventory_hostname']
+
+ key = host.file('/etc/ssl/private/%s_ldap.key' % inventory_hostname)
+
+ assert key.is_file
+ assert key.user == 'root'
+ assert key.group == 'openldap'
+ assert key.mode == 0o640
+ assert key.content_string == open('tests/data/x509/%s_ldap.key.pem' % inventory_hostname).read()
+
+
+def test_ldap_tls_certificate_file(host):
+ """
+ Tests if the TLS certificate has been deployed correctly.
+ """
+
+ with host.sudo():
+
+ inventory_hostname = host.ansible.get_variables()['inventory_hostname']
+
+ cert = host.file('/etc/ssl/certs/%s_ldap.pem' % inventory_hostname)
+
+ assert cert.is_file
+ assert cert.user == 'root'
+ assert cert.group == 'root'
+ assert cert.mode == 0o644
+ assert cert.content_string == open('tests/data/x509/%s_ldap.cert.pem' % inventory_hostname).read()
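Review bot: In `test_ldap_tls_private_key_file`, the last assertion compares the private key as text (`key.content_string == open(...).read()`), so on a mismatch pytest's assertion diff prints both the deployed and the expected key material into the test log. Comparing digests keeps the same check without echoing the key: read the fixture with `with open(path, 'rb') as f: expected = f.read()` and assert `key.sha256sum == hashlib.sha256(expected).hexdigest()`, which needs `import hashlib` among the file's imports, outside this hunk. The `open(...).read()` call here and in `test_ldap_tls_certificate_file` also never closes the file handle, and both fixture paths are relative, so they resolve only when the tests run from the expected working directory (presumably the scenario directory; worth confirming). The ownership and mode assertions (`root`/`openldap`, `0o640`) are a sound check that the key is readable by the LDAP service but not world-readable.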