diff --git a/Dockerfile b/Dockerfile
index 2ffe670..0cf48a7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,7 +12,11 @@ RUN apt-get update && \
 apt-get install --yes --no-install-recommends \
 slapd \
 ldap-utils \
+ gnutls-bin \
+ ssl-cert \
 ca-certificates && \
+ # allow access to certificates
+ usermod -a -G ssl-cert openldap && \
 # remove the default config, since the entrypoint
 # will populate it by hand.
 rm -rf /etc/ldap/slapd.d && \
diff --git a/fixtures/00_config.ldif b/fixtures/00_config.ldif
index 4441931..263a92e 100644
--- a/fixtures/00_config.ldif
+++ b/fixtures/00_config.ldif
@@ -14,6 +14,12 @@ olcToolThreads: 1
 # Define used format for CRYPT algorithm
 # (SHA-512 16-char-salt 50000 rounds)
 olcPasswordCryptSaltFormat: $6$rounds=50000$%.16s
+# TLS configuration
+olcTLSCertificateKeyFile: /etc/ssl/private/ssl-cert-snakeoil.key
+olcTLSCACertificateFile: /etc/ssl/certs/ca-certificates.crt
+olcTLSCertificateFile: /etc/ssl/certs/ssl-cert-snakeoil.pem
+# Consider to force Encryption:
+#olcSecurity: tls=1
 # Frontend settings
 dn: olcDatabase={-1}frontend,cn=config
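Review bot: Installing `ssl-cert` inside this `RUN` step most likely generates the snakeoil key pair while the image is built (the usual behaviour of that package on Debian-family bases, which the `apt-get` calls suggest), so `/etc/ssl/private/ssl-cert-snakeoil.key` lands in an image layer and every container started from the image presents the same private key, readable by anyone who can pull it. If the image is used for more than local tests, regenerate the pair at container start, e.g. `make-ssl-cert generate-default-snakeoil --force-overwrite` in the entrypoint (not visible here), or mount a key and certificate at run time. The comment above `usermod -a -G ssl-cert openldap` could also say why the group is needed, for instance `# slapd runs as openldap and must read the key under /etc/ssl/private (group ssl-cert)`. The RUN instruction starts before and continues after this hunk.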
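Review bot: With `olcSecurity: tls=1` left commented out, the added attributes only make TLS available; clients can still do simple binds over plain `ldap://`, so passwords may cross the network unencrypted. Either enable the line or have the comment say why it is off and what to check first, e.g. `# TLS is optional as configured; uncomment to require it (first verify that any ldapi:// access used during setup still works)`. The server certificate is the self-signed snakeoil one while `olcTLSCACertificateFile` points at the system bundle, which presumably does not contain it, so clients can only verify the server if they are handed that certificate explicitly; that is worth stating next to `# TLS configuration`.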