diff --git a/roles/mail_server/molecule/default/prepare.yml b/roles/mail_server/molecule/default/prepare.yml
index e520de33671019b843863662ca8b28f9506735be..75d92fbcc90b2fca4ef67f3489196775f43b5659 100644
--- a/roles/mail_server/molecule/default/prepare.yml
+++ b/roles/mail_server/molecule/default/prepare.yml
@@ -1,5 +1,46 @@
 ---
 
+- name: Set-up fixtures
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+
+    - name: Initialise CA hierarchy
+      command: "gimmecert init"
+      args:
+        creates: "tests/data/.gimmecert/ca/level1.cert.pem"
+        chdir: "tests/data/"
+
+    - name: Generate server private keys and certificates
+      command:
+      args:
+        chdir: "tests/data/"
+        creates: "tests/data/.gimmecert/server/{{ item.name }}.cert.pem"
+        argv:
+          - "gimmecert"
+          - "server"
+          - "{{ item.name }}"
+          - "{{ item.fqdn }}"
+          - "{{ item.fqdn[:item.fqdn.rfind('-')] }}"
+      with_items:
+        - name: ldap-server_ldap
+          fqdn: ldap-server
+        - name: parameters-mandatory-stretch64_imap
+          fqdn: parameters-mandatory-stretch64
+        - name: parameters-mandatory-stretch64_smtp
+          fqdn: parameters-mandatory-stretch64
+        - name: parameters-optional-stretch64_imap
+          fqdn: parameters-optional-stretch64
+        - name: parameters-optional-stretch64_smtp
+          fqdn: parameters-optional-stretch64
+
+    - name: Set-up link to generated X.509 material
+      file:
+        src: ".gimmecert"
+        dest: "tests/data/x509"
+        state: link
+
 - name: Prepare
   hosts: all
   gather_facts: false
@@ -87,7 +128,7 @@
 
     - name: Deploy CA certificate
       copy:
-        src: tests/data/x509/ca.cert.pem
+        src: tests/data/x509/ca/level1.cert.pem
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root