diff --git a/kitchen.yml b/kitchen.yml
index d22e96e..ff3fa94 100644
--- a/kitchen.yml
+++ b/kitchen.yml
@@ -29,12 +29,15 @@ suites:
 provisioner:
 state_top:
 base:
- "*": []
- pillars_from_files: {}
+ "*":
+ - acme_sh
+ pillars_from_files:
+ acme_sh.sls: test/salt/pillar/acme_sh.sls
 pillars:
 top.sls:
 base:
- "*": []
+ "*":
+ - acme_sh
 verifier:
 inspec_tests:
 - path: test/integration/default
@@ -45,6 +48,7 @@ provisioner:
 salt_install: none
 require_chef: false
 formula: acme_sh
+ pre_salt_command: <%= ENV['CRED'] %>
 salt_copy_filter:
 - .git/
 - .github/
diff --git a/test/integration/default/controls/cert.rb b/test/integration/default/controls/cert.rb
new file mode 100644
index 0000000..e517d14
--- /dev/null
+++ b/test/integration/default/controls/cert.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+control "Cert x509 #{os.name}" do
+ title 'Test x509 cert files'
+
+ dir = '/home/vagrant/crt/acmeshtest.gn98.de'
+
+ describe x509_certificate("#{dir}/fullchain.cer") do
+ it { should be_certificate }
+ its('key_length') { should be 4096 }
+ its('subject.CN') { should eq 'acmeshtest.gn98.de' }
+ its('validity_in_days') { should be > 30 }
+ end
+end
diff --git a/test/integration/default/controls/file.rb b/test/integration/default/controls/file.rb
new file mode 100644
index 0000000..79b7fb1
--- /dev/null
+++ b/test/integration/default/controls/file.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+control "Cert files #{os.name}" do
+ title 'Test cert files'
+
+ dir = '/home/vagrant/crt/acmeshtest.gn98.de'
+
+ describe directory(dir) do
+ it { should exist }
+ end
+
+ describe file("#{dir}/fullchain.cer") do
+ it { should exist }
+ end
+
+ describe file("#{dir}/acmeshtest.gn98.de.key") do
+ it { should exist }
+ end
+end
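Review bot: `pre_salt_command: <%= ENV['CRED'] %>` in the second kitchen.yml hunk renders the whole CRED environment variable, unquoted, into the YAML as the command run on the instance before Salt, and nothing in the file says what CRED must contain. If CRED is unset the key renders empty, and a value containing `: ` or ` #` would change or break the YAML parse, so a failure would surface far from its cause. The name suggests a secret; anything that prints the rendered configuration (for example `kitchen diagnose`) would then show it in clear text, so it is safer for the command to only reference a secret that is delivered to the instance separately. At minimum add a comment above the key, such as `# CRED: shell command run on the instance before salt-call (presumably supplies the ACME/DNS credentials); set it in the CI secret store, never in this file`.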
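Review bot: The x509 control in test/integration/default/controls/cert.rb never checks who issued the certificate, so a self-signed or staging-CA certificate with the right CN and a 4096-bit key would pass all four expectations. If the suite is meant to prove a real issuance, add an issuer expectation next to the `subject.CN` line, for example `its('issuer_dn') { should match(/EXPECTED_ISSUER_PLACEHOLDER/) }`. Which CA the pillar points at is not visible in this diff, so the pattern has to come from there. The domain literal is also repeated in `dir` and in the CN check; a single `domain = 'acmeshtest.gn98.de'` used for both would keep them from drifting apart.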
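Review bot: The private key `#{dir}/acmeshtest.gn98.de.key` in test/integration/default/controls/file.rb is only checked for existence, so a key left group- or world-readable would still pass. Add a permission expectation to that `describe` block, e.g. `it { should_not be_readable.by('others') }`. If the formula is expected to set a specific mode or owner for the key, pin those as well; that expectation is not visible in this diff.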