diff --git a/testsite/tls/gnutls_server_certificate.cfg.j2 b/testsite/tls/gnutls_server_certificate.cfg.j2
new file mode 100644
index 0000000000000000000000000000000000000000..9ca53694d860c0c4cffaa150013e9a3bfd510e27
--- /dev/null
+++ b/testsite/tls/gnutls_server_certificate.cfg.j2
@@ -0,0 +1,32 @@
+# X.509 Certificate options
+#
+# DN options
+
+# The organization of the subject.
+organization = "Example Inc."
+
+# The country of the subject. Two letter code.
+country = SE
+
+# The common name of the certificate owner.
+cn = "Exampe Inc. {{ item.name }} Server"
+
+# In how many days, counting from today, this certificate will expire.
+expiration_days = 365
+
+# X.509 v3 extensions
+
+# A dnsname in case of a WWW server.
+dns_name = "{{ item.hostname }}.{{ testsite_domain }}"
+
+# Whether this certificate will be used for a TLS server
+tls_www_server
+
+# Whether this certificate will be used to sign data (needed
+# in TLS DHE ciphersuites).
+signing_key
+
+# Whether this certificate will be used to encrypt data (needed
+# in TLS RSA ciphersuites). Note that it is preferred to use different
+# keys for encryption and signing.
+encryption_key