diff --git a/roles/web_server/molecule/default/prepare.yml b/roles/web_server/molecule/default/prepare.yml
index 839051ac71b2b67f93105ac540c9d89407dd1b71..ba27ec157c73ad14f4faac5716c97845ed57bec6 100644
--- a/roles/web_server/molecule/default/prepare.yml
+++ b/roles/web_server/molecule/default/prepare.yml
@@ -1,5 +1,39 @@
 ---
 
+- name: Set-up fixtures
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  tasks:
+
+    - name: Initialise CA hierarchy
+      command: "gimmecert init"
+      args:
+        creates: ".gimmecert/ca/level1.cert.pem"
+        chdir: "tests/data/"
+
+    - name: Generate server private keys and certificates
+      command:
+      args:
+        chdir: "tests/data/"
+        creates: ".gimmecert/server/{{ item.name }}.cert.pem"
+        argv:
+          - "gimmecert"
+          - "server"
+          - "{{ item.name }}"
+          - "{{ item.fqdn }}"
+      with_items:
+        - name: parameters-mandatory-stretch64_https
+          fqdn: parameters-mandatory
+        - name: parameters-optional-stretch64_https
+          fqdn: parameters-optional
+
+    - name: Set-up link to generated X.509 material
+      file:
+        src: ".gimmecert"
+        dest: "tests/data/x509"
+        state: link
+
 - name: Prepare
   hosts: all
   gather_facts: false
@@ -62,7 +96,7 @@
 
     - name: Deploy CA certificate
       copy:
-        src: tests/data/x509/ca.cert.pem
+        src: tests/data/x509/ca/level1.cert.pem
         dest: /usr/local/share/ca-certificates/testca.crt
         owner: root
         group: root