diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..2e25e7e
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+ucs_tls_certs_dir: /etc/pki/tls/certs
+ucs_tls_key_dir: /etc/pki/tls/private
+ucs_tls_cert_path: /etc/pki/tls/certs/mycert.pem
+ucs_tls_key_path: /etc/pki/tls/private/mykey.pem
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..823859b
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+ author: xoxys
+ description: Role to configure a univention corporate server
+ license: MIT
+ min_ansible_version: 2.4
+ platforms:
+ - name: EL
+ versions:
+ - 7
+ galaxy_tags:
+ - univention
+ - ucs
+ - domain
+dependencies:
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..e40bac2
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,2 @@
+---
+- include_tasks: tls.yml
diff --git a/tasks/tls.yml b/tasks/tls.yml
new file mode 100644
index 0000000..881c963
--- /dev/null
+++ b/tasks/tls.yml
@@ -0,0 +1,21 @@
+---
+- block:
+ - name: Create tls folder structure
+ file:
+ path: "{{ item }}"
+ state: directory
+ mode: 700
+ with_items:
+ - "{{ ucs_tls_certs_dir }}"
+ - "{{ ucs_tls_key_dir }}"
+
+ - name: Copy certs and private key
+ copy:
+ src: "{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: "{{item.mode }}"
+ with_items:
+ - { src: "{{ ucs_tls_key_path }}", dest: "{{ ucs_tls_certs_dir/ucs.pem }}", mode: '0600' }
+ - { src: "{{ ucs_tls_cert_path }}", dest: "{{ ucs_tls_key_dir/unifi.pem }}", mode: '0750' }
+ become: True
+ become_user: root
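Review bot: Nothing in defaults/main.yml says which variables name files on the Ansible controller and which name directories on the managed host, and the `_path` defaults sit in the same `/etc/pki/tls` tree as the `_dir` defaults. In tasks/tls.yml the `_path` values are passed to `copy: src`, which reads from the control machine unless `remote_src` is set, so the two pairs are easy to confuse. I would add a comment above each pair, for example `# Source files on the Ansible controller; keep the private key out of the repository or encrypt it` and `# Target directories on the managed host`.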
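Review bot: `min_ansible_version: 2.4` in meta/main.yml is an unquoted scalar, so YAML loads it as a float rather than a version string; write `min_ansible_version: '2.4'`. The trailing bare `dependencies:` loads as null, and `dependencies: []` would state the intended empty list explicitly.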
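Review bot: The two `with_items` entries of the copy task in tasks/tls.yml cross source and destination: the private key (`ucs_tls_key_path`) is written into `ucs_tls_certs_dir`, and the certificate into `ucs_tls_key_dir` with mode `0750`, so the key lands in the certificate directory and the certificate gets execute bits. Both `dest` values also keep the file name inside the braces (`{{ ucs_tls_certs_dir/ucs.pem }}`), which Jinja parses as a division rather than a path, so the task will most likely fail when templated. In the directory task, `mode: 700` is a bare decimal integer that Ansible does not treat as octal 0700, which yields unexpected permission bits; it should be quoted. The fence below uncrosses the entries, moves the file names outside the braces, uses 0644 for the public certificate, and adds `diff: false` so key material stays out of `--diff` output. The `unifi.pem` name looks like a leftover from another role, so confirm the intended file names.

```yaml
      mode: '0700'
    # … unchanged: with_items over the two directories …

  - name: Copy certs and private key
    # … unchanged: copy with src, dest and mode taken from item …
    diff: false
    with_items:
      - { src: "{{ ucs_tls_key_path }}", dest: "{{ ucs_tls_key_dir }}/ucs.pem", mode: '0600' }
      - { src: "{{ ucs_tls_cert_path }}", dest: "{{ ucs_tls_certs_dir }}/ucs.pem", mode: '0644' }
```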