diff --git a/tasks/configure-Rocky.yml b/tasks/configure-Rocky.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ee858903f38d630e7f41c39c6e1e96cd8159b8af
--- /dev/null
+++ b/tasks/configure-Rocky.yml
@@ -0,0 +1,35 @@
+---
+- name: "Configure certificates"
+  block:
+    - name: "Ensure cacerts directory is present"
+      file:
+        path: "{{ openldap_client_conf_path }}/{{ openldap_client_cacerts_directory }}"
+        state: directory
+        owner: root
+        group: root
+        mode: 0755
+
+    - name: "Ensure certs directory is present"
+      file:
+        path: "{{ openldap_client_conf_path }}/{{ openldap_client_certs_directory }}"
+        state: directory
+        owner: root
+        group: root
+        mode: 0755
+
+    - name: "Install CA Cert if defined"
+      copy:
+        content: "{{ openldap_client_ca_cert_content }}"
+        dest: "{{ openldap_client_ca_cert }}"
+      when: openldap_client_ca_cert is defined
+
+  when: openldap_client_manage_certs | bool
+
+- name: "Manage ldap.conf configuration"
+  template:
+    src: "{{ openldap_client_conf_template }}"
+    dest: "{{ openldap_client_conf_path }}/{{ openldap_client_conf_filename }}"
+    owner: root
+    group: root
+    mode: 0644
+  when: openldap_client_manage_config | bool
diff --git a/tasks/install-Rocky.yml b/tasks/install-Rocky.yml
new file mode 100644
index 0000000000000000000000000000000000000000..d3edbb7373efa0faddf1e263bc3af0b14900ab94
--- /dev/null
+++ b/tasks/install-Rocky.yml
@@ -0,0 +1,6 @@
+---
+- name: "Ensure openldap client packages are installed"
+  yum:
+    name: "{{ openldap_client_packages }}"
+    state: "{{ openldap_client_packages_state }}"
+    enablerepo: "{{ openldap_client_enablerepo | default(omit, true) }}"
diff --git a/vars/Rocky.yml b/vars/Rocky.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ce7160829d0d37130b7ac4e2e3bbf6113610abcc
--- /dev/null
+++ b/vars/Rocky.yml
@@ -0,0 +1,10 @@
+---
+openldap_client_packages:
+  - 'openldap'
+  - 'openldap-clients'
+
+openldap_client_conf_path: "/etc/openldap"
+openldap_client_conf_filename: "ldap.conf"
+
+openldap_client_cacerts_directory: "cacerts"
+openldap_client_certs_directory: "certs"