diff --git a/tests/gold_tests/autest-site/ats_replay.test.ext b/tests/gold_tests/autest-site/ats_replay.test.ext
index 976dc73b3d0..4248b936b54 100644
--- a/tests/gold_tests/autest-site/ats_replay.test.ext
+++ b/tests/gold_tests/autest-site/ats_replay.test.ext
@@ -38,6 +38,37 @@ def configure_ats(obj: 'TestRun', server: 'Process', ats_config: dict, dns: Opti
     records_config = ats_config.get('records_config', {})
     ts.Disk.records_config.update(records_config)
 
+    # TLS configs
+    enable_tls = process_config.get('enable_tls', False)
+    if enable_tls:
+        # Configure ssl_multicert.yaml if specified.
+        ssl_multicert_yaml = ats_config.get('ssl_multicert_yaml', [])
+
+        # setup default cert and key if ssl_multicert_yaml is empty
+        if ssl_multicert_yaml == []:
+            ts.addDefaultSSLFiles()
+
+            ts.Disk.records_config.update(
+                {
+                    'proxy.config.ssl.server.cert.path': ts.Variables.SSLDir,
+                    'proxy.config.ssl.server.private_key.path': ts.Variables.SSLDir,
+                })
+
+            ssl_multicert_yaml = [
+                "ssl_multicert:",
+                "  - ssl_cert_name: server.pem",
+                "    ssl_key_name: server.key",
+                '    dest_ip: "*"',
+            ]
+
+        for line in ssl_multicert_yaml:
+            ts.Disk.ssl_multicert_yaml.AddLine(line)
+
+        # Configure sni.yaml if specified.
+        sni_yaml = ats_config.get('sni_yaml')
+        if sni_yaml != None:
+            ts.Disk.sni_yaml.AddLines(yaml.dump(sni_yaml).split('\n'))
+
     # Configure plugin_config if specified.
     plugin_config = ats_config.get('plugin_config', [])
     for plugin_line in plugin_config: