diff --git a/spec/classes/hitch_spec.rb b/spec/classes/hitch_spec.rb index 4a7c2f7..7aa5fa8 100644 --- a/spec/classes/hitch_spec.rb +++ b/spec/classes/hitch_spec.rb 
@@ -1,71 +1,11 @@ require 'spec_helper' describe 'hitch' do - context 'supported operating systems' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts - end + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let(:facts) { os_facts } - context 'hitch class without any parameters' do - it { is_expected.to compile.with_all_deps } - - it { is_expected.to contain_class('hitch') } - it { is_expected.to contain_class('hitch::params') } - it { is_expected.to contain_class('hitch::install').that_comes_before('hitch::config') } - it { is_expected.to contain_class('hitch::config') } - it { is_expected.to contain_class('hitch::service').that_subscribes_to('hitch::config') } - - it { is_expected.to contain_service('hitch') } - it { is_expected.to contain_package('hitch').with_ensure('present') } - - it { is_expected.to contain_file('/etc/hitch') } - it { is_expected.to contain_file('/etc/hitch/dhparams.pem') } - it { is_expected.to contain_concat('/etc/hitch/hitch.conf') } - it { is_expected.to contain_concat__fragment('hitch::config config') } - it { is_expected.to contain_exec('hitch::config generate dhparams') } - - context 'osfamily specifics' do - if facts[:osfamily] == 'RedHat' - it { is_expected.to contain_package('epel-release') } - else - it { is_expected.not_to contain_package('epel-release') } - end - end - end - - context 'hitch class with domains' do - let(:params) do - { domains: { - 'example.com' => { - 'key_content' => '-----BEGIN PRIVATE KEY-----', - 'cert_content' => '-----BEGIN CERTIFICATE-----', - 'cacert_content' => '-----BEGIN CERTIFICATE-----', - 'dhparams_content' => '-----BEGIN DH PARAMETERS-----', - }, - } } - end - - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_hitch__domain('example.com') } - it { is_expected.to contain_file('/etc/hitch/example.com.pem') } - it { is_expected.to contain_concat__fragment('hitch::domain example.com') } - end - end - end - end - - context 
'unsupported operating system' do - describe 'hitch class without any parameters on Solaris/Nexenta' do - let(:facts) do - { - osfamily: 'Solaris', - operatingsystem: 'Nexenta', - } - end - - it { expect { is_expected.to contain_package('hitch') }.to raise_error(Puppet::Error, %r{Nexenta not supported}) } + it { is_expected.to compile } end end end diff --git a/spec/defines/hitch__domain_spec.rb b/spec/defines/hitch__domain_spec.rb index 294c969..5e6c19a 100644 --- a/spec/defines/hitch__domain_spec.rb +++ b/spec/defines/hitch__domain_spec.rb 
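Review bot: The only assertion left in the `on #{os}` context is `it { is_expected.to compile }`, which drops the `with_all_deps` check that every relationship target exists in the catalogue. Nothing now asserts the ordering between `hitch::install`, `hitch::config` and `hitch::service` either. Assuming those classes still exist after this change, I would keep at least `it { is_expected.to compile.with_all_deps }` and `it { is_expected.to contain_class('hitch::service').that_subscribes_to('hitch::config') }`. The same downgrade to plain `compile` appears in both contexts of spec/defines/hitch__domain_spec.rb. Removing the Solaris/Nexenta case also leaves the unsupported-platform failure path untested, if the module still rejects such platforms.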
@@ -1,87 +1,62 @@ require 'spec_helper' -describe 'hitch::domain' do - context 'supported operating systems' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts - end - let(:title) { 'example.com' } - - context 'with all content parameters' do - let(:params) do - { - 'cacert_content' => '-----BEGIN CERTIFICATE-----', - 'cert_content' => '-----BEGIN CERTIFICATE-----', - 'dhparams_content' => '-----BEGIN DH PARAMETERS-----', - 'key_content' => '-----BEGIN PRIVATE KEY-----', - } - end - - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_hitch__domain('example.com') } - - # for the pem file - it { is_expected.to contain_concat('/etc/hitch/example.com.pem') } - it { is_expected.to contain_concat__fragment('example.com cacert') } - it { is_expected.to contain_concat__fragment('example.com cert') } - it { is_expected.to contain_concat__fragment('example.com key') } - it { is_expected.to contain_concat__fragment('example.com dhparams') } +tls_data = gen_test_tls_data +key = tls_data[0].to_s +cert = tls_data[1].to_s - # for the config file - it { is_expected.to contain_concat('/etc/hitch/hitch.conf') } - it { is_expected.to contain_concat__fragment('hitch::domain example.com') } +describe 'hitch::domain' do + let(:title) { 'example.com' } + + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let(:facts) { os_facts } + + context 'with source parameters' do + let(:params) do + { + 'key_source' => '/path/to/key', + 'cert_source' => '/path/to/certificate', + 'cacert_source' => '/path/to/cacertificate', + } end - context 'with all source parameters' do - let(:params) do - { - 'cacert_source' => '/tmp/cacert.pem', - 'cert_source' => '/tmp/cert.pem', - 'dhparams_source' => '/tmp/dhparams.pem', - 'key_source' => '/tmp/key.pem', - } - end + it { is_expected.to compile } + it { is_expected.to contain_hitch__domain('example.com') } - it { is_expected.to compile.with_all_deps } - it { is_expected.to 
contain_hitch__domain('example.com') } + # for the pem file + it { is_expected.to contain_concat('/etc/hitch/example.com.pem') } + it { is_expected.to contain_concat__fragment('example.com cacert') } + it { is_expected.to contain_concat__fragment('example.com cert') } + it { is_expected.to contain_concat__fragment('example.com key') } + it { is_expected.to contain_concat__fragment('example.com dhparams') } - # for the pem file - it { is_expected.to contain_concat('/etc/hitch/example.com.pem') } - it { is_expected.to contain_concat__fragment('example.com cacert') } - it { is_expected.to contain_concat__fragment('example.com cert') } - it { is_expected.to contain_concat__fragment('example.com key') } - it { is_expected.to contain_concat__fragment('example.com dhparams') } + # for the config file + it { is_expected.to contain_concat('/etc/hitch/hitch.conf') } + it { is_expected.to contain_concat__fragment('hitch::domain example.com') } + end - # for the config file - it { is_expected.to contain_concat('/etc/hitch/hitch.conf') } - it { is_expected.to contain_concat__fragment('hitch::domain example.com') } + context 'with content parameters' do + let(:params) do + { + key_content: key, + cert_content: cert, + } end - context 'mandatory parameters' do - let(:params) do - { - 'cert_source' => '/tmp/cert.pem', - 'key_source' => '/tmp/key.pem', - } - end + it { is_expected.to compile } + it { is_expected.to contain_hitch__domain('example.com') } - it { is_expected.to compile.with_all_deps } - it { is_expected.to contain_hitch__domain('example.com') } + # for the pem file + it { is_expected.to contain_concat('/etc/hitch/example.com.pem') } + it { is_expected.not_to contain_concat__fragment('example.com cacert') } + it { is_expected.to contain_concat__fragment('example.com cert') } + it { is_expected.to contain_concat__fragment('example.com key') } + it { is_expected.to contain_concat__fragment('example.com dhparams') } - # for the pem file - it { is_expected.to 
contain_concat('/etc/hitch/example.com.pem') } - it { is_expected.not_to contain_concat__fragment('example.com cacert') } - it { is_expected.to contain_concat__fragment('example.com cert') } - it { is_expected.to contain_concat__fragment('example.com key') } - it { is_expected.to contain_concat__fragment('example.com dhparams') } - - # for the config file - it { is_expected.to contain_concat('/etc/hitch/hitch.conf') } - it { is_expected.to contain_concat__fragment('hitch::domain example.com') } - end + # for the config file + it { is_expected.to contain_concat('/etc/hitch/hitch.conf') } + it { is_expected.to contain_concat__fragment('hitch::domain example.com') } end end end end diff --git a/spec/spec_helper_local.rb b/spec/spec_helper_local.rb new file mode 100644 index 0000000..76e93f6 --- /dev/null +++ b/spec/spec_helper_local.rb @@ -0,0 +1,31 @@ +require 'openssl' + +def gen_test_tls_data + subject = '/CN=test' + + key = OpenSSL::PKey::RSA.generate(1024) + cert = OpenSSL::X509::Certificate.new + + cert.subject = OpenSSL::X509::Name.parse(subject) + cert.not_before = Time.now + cert.not_after = Time.now + 3600 + cert.public_key = key.public_key + cert.serial = 0x01 + cert.version = 3 + + ef = OpenSSL::X509::ExtensionFactory.new + ef.subject_certificate = cert + ef.issuer_certificate = cert + + cert.extensions = [ + ef.create_extension('basicConstraints', 'CA:TRUE', true), + ef.create_extension('subjectKeyIdentifier', 'hash'), + ] + + cert.add_extension ef.create_extension('authorityKeyIdentifier', + 'keyid:always,issuer:always') + + cert.sign key, OpenSSL::Digest::SHA256.new + + [key, cert] +end
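Review bot: Neither new context passes a `dhparams_*` parameter, and `cacert_content` is no longer exercised, yet both contexts still expect `contain_concat__fragment('example.com dhparams')`. Presumably that fragment now comes from a module default, but the spec does not say so. If `hitch::domain` still accepts `dhparams_content`, `dhparams_source` and `cacert_content`, add a context that sets them so the caller-supplied material going into `/etc/hitch/example.com.pem` stays covered. Otherwise a comment such as `# dhparams fragment comes from the module default; no dhparams_* parameter is passed` above that assertion would record the intent.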
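Review bot: `cert.version = 3` in `gen_test_tls_data` does not produce an X.509 v3 certificate, because the field is zero-based and v3 is encoded as 2; strict parsers can reject the value 3, so use `cert.version = 2`. The helper also never assigns `cert.issuer`, so the issuer name stays empty even though the certificate is signed with its own key and the `authorityKeyIdentifier` extension asks for `issuer:always`; add `cert.issuer = cert.subject` before building the extensions. The 1024-bit RSA key is below current minimum recommendations, and OpenSSL builds with a raised security level or FIPS mode may refuse it, so `OpenSSL::PKey::RSA.generate(2048)` is the safer choice even for throwaway test data.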