diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile
index c1a914339..f081554db 100644
--- a/web-apache-mysql/alpine/Dockerfile
+++ b/web-apache-mysql/alpine/Dockerfile
@@ -34,6 +34,8 @@ RUN addgroup zabbix && \
             php5-xmlreader \
             php5-ldap \
             php5-json \
+            ca-certificates \
+            openldap-clients \
             ttf-dejavu && \
     rm -rf /var/cache/apk/*
 
@@ -73,6 +75,8 @@ ADD conf/etc/zabbix/apache.conf /etc/zabbix/
 ADD conf/etc/zabbix/apache_ssl.conf /etc/zabbix/
 ADD conf/etc/zabbix/web/zabbix.conf.php /etc/zabbix/web/
 ADD conf/etc/php5/conf.d/99-zabbix.ini /etc/php5/conf.d/
+ADD conf/etc/openldap/ldap.conf /etc/openldap/ldap.conf
+ADD conf/etc/openldap/certs /etc/openldap/certs
 ADD run_zabbix_component.sh /
 
 ENTRYPOINT ["/bin/bash"]
diff --git a/web-apache-mysql/alpine/conf/etc/openldap/certs/cert8.db b/web-apache-mysql/alpine/conf/etc/openldap/certs/cert8.db
new file mode 100644
index 000000000..ac40a3325
Binary files /dev/null and b/web-apache-mysql/alpine/conf/etc/openldap/certs/cert8.db differ
diff --git a/web-apache-mysql/alpine/conf/etc/openldap/certs/key3.db b/web-apache-mysql/alpine/conf/etc/openldap/certs/key3.db
new file mode 100644
index 000000000..7a638718a
Binary files /dev/null and b/web-apache-mysql/alpine/conf/etc/openldap/certs/key3.db differ
diff --git a/web-apache-mysql/alpine/conf/etc/openldap/certs/secmod.db b/web-apache-mysql/alpine/conf/etc/openldap/certs/secmod.db
new file mode 100644
index 000000000..9e50a3f9d
Binary files /dev/null and b/web-apache-mysql/alpine/conf/etc/openldap/certs/secmod.db differ
diff --git a/web-apache-mysql/alpine/conf/etc/openldap/ldap.conf b/web-apache-mysql/alpine/conf/etc/openldap/ldap.conf
new file mode 100644
index 000000000..aa6f8fd4d
--- /dev/null
+++ b/web-apache-mysql/alpine/conf/etc/openldap/ldap.conf
@@ -0,0 +1,18 @@
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE	dc=example,dc=com
+#URI	ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT	12
+#TIMELIMIT	15
+#DEREF		never
+
+TLS_CACERTDIR	/etc/openldap/certs
+
+# Turning this off breaks GSSAPI used with krb5 when rdns = false
+SASL_NOCANON	on