diff --git a/test/pytest/test_certs.py b/test/pytest/test_certs.py
new file mode 100644
index 0000000000000000000000000000000000000000..dddd46d9be0eabed0ac619633b8c5aaf3bbed548
--- /dev/null
+++ b/test/pytest/test_certs.py
@@ -0,0 +1,46 @@
+#!/usr/bin/env python3
+"""Validates remote TLS certs."""
+
+
+import pycurl
+import certifi
+from io import BytesIO
+import os
+import pytest
+
+
+#@pytest.mark.xfail
+def test_cert_validation(url: str):
+    print('Testing URL: ', url)
+
+    buffer = BytesIO()
+    c = pycurl.Curl()
+    c.setopt(c.URL, url)
+    c.setopt(c.WRITEDATA, buffer)
+    c.setopt(c.CAINFO, certifi.where())
+    # curl.setopt(pycurl.SSL_VERIFYPEER, 1)
+    # curl.setopt(pycurl.SSL_VERIFYHOST, 2)
+
+    try:
+        c.perform()
+        valid_cert = True
+    except pycurl.error as e:
+        valid_cert = False
+        print('Cert error!')
+        if e.args[0] == pycurl.E_COULDNT_CONNECT and c.exception:
+            print(c.exception)
+        else:
+            print(e)
+    c.close()
+
+    return valid_cert
+
+
+domain = os.environ.get("OAS_DOMAIN")
+assert domain, "Please export OAS_DOMAIN as environment variable."
+
+#print(_testinfra_host)
+print(host)
+
+# Check traefik cert
+assert test_cert_validation('https://traefik.%s/' % domain)
diff --git a/test/requirements.txt b/test/requirements.txt
index bc4c4c9e431d0a43a6823ad4c59f83d9603a2754..3f09c87097a21ec18a7c6a3ebf3a8cdd229ab14a 100644
--- a/test/requirements.txt
+++ b/test/requirements.txt
@@ -2,6 +2,7 @@ ansible~=2.6.0
 behave-webdriver>=0.2.2
 openshift>=0.8.6
 psutil>=5.5.0
+pycurl>=7.43.0.2
 pytest>=4.3.0
 requests>=2.19.1
 tabulate>=0.8.3