Index: generic/tlsIO.c
==================================================================
--- generic/tlsIO.c
+++ generic/tlsIO.c
@@ -368,10 +368,12 @@
 	case SSL_ERROR_SSL:
 	    /* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
 	    dprintf("SSL error, indicating that the connection has been aborted");
 	    if (backingError != 0) {
 		Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
+	    } else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) {
+		Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
 	    } else {
 		Tls_Error(statePtr, "Unknown SSL error");
 	    }
 	    *errorCodePtr = ECONNABORTED;
 	    bytesRead = -1;
@@ -581,10 +583,12 @@
 	case SSL_ERROR_SSL:
 	    /* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
 	    dprintf("SSL error, indicating that the connection has been aborted");
 	    if (backingError != 0) {
 		Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
+	    } else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) {
+		Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
 	    } else {
 		Tls_Error(statePtr, "Unknown SSL error");
 	    }
 	    *errorCodePtr = ECONNABORTED;
 	    written = -1;

Index: tests/badssl.csv
==================================================================
--- tests/badssl.csv
+++ tests/badssl.csv
@@ -9,19 +9,23 @@
 ,,,,,,,,,,
 command,# BadSSL.com Tests,,,,,,,,,
 BadSSL,1000-sans,,,badssl 1000-sans.badssl.com,,,"handshake failed: certificate verify failed due to ""certificate has expired""",,,1
 BadSSL,10000-sans,,,badssl 10000-sans.badssl.com,,,handshake failed: excessive message size,,,1
 BadSSL,3des,,,badssl 3des.badssl.com,,,handshake failed: sslv3 alert handshake failure,,,1
-BadSSL,captive-portal,,,badssl captive-portal.badssl.com,,,"handshake failed: certificate verify failed due to ""Hostname mismatch""",,,1
+BadSSL,captive-portal,old_api,,badssl captive-portal.badssl.com,,,"handshake failed: certificate verify failed due to ""Hostname mismatch""",,,1
+BadSSL,captive-portal,new_api,,badssl captive-portal.badssl.com,,,"handshake failed: certificate verify failed due to ""hostname mismatch""",,,1
 BadSSL,cbc,,,badssl cbc.badssl.com,,,,,,
 BadSSL,client-cert-missing,,,badssl client-cert-missing.badssl.com,,,,,,
 BadSSL,client,,,badssl client.badssl.com,,,,,,
-BadSSL,dh-composite,,,badssl dh-composite.badssl.com,,,,,,
+BadSSL,dh-composite,old_api,,badssl dh-composite.badssl.com,,,,,,
+BadSSL,dh-composite,new_api,,badssl dh-composite.badssl.com,,,handshake failed: dh key too small,,,1
 BadSSL,dh-small-subgroup,,,badssl dh-small-subgroup.badssl.com,,,,,,
-BadSSL,dh480,,,badssl dh480.badssl.com,,,handshake failed: dh key too small,,,1
+BadSSL,dh480,old_api,,badssl dh480.badssl.com,,,handshake failed: dh key too small,,,1
+BadSSL,dh480,new_api,,badssl dh480.badssl.com,,,handshake failed: modulus too small,,,1
 BadSSL,dh512,,,badssl dh512.badssl.com,,,handshake failed: dh key too small,,,1
-BadSSL,dh1024,,,badssl dh1024.badssl.com,,,,,,
+BadSSL,dh1024,old_api,,badssl dh1024.badssl.com,,,,,,
+BadSSL,dh1024,new_api,,badssl dh1024.badssl.com,,,handshake failed: dh key too small,,,1
 BadSSL,dh2048,,,badssl dh2048.badssl.com,,,,,,
 BadSSL,dsdtestprovider,,,badssl dsdtestprovider.badssl.com,,,"handshake failed: certificate verify failed due to ""unable to get local issuer certificate""",,,1
 BadSSL,ecc256,,,badssl ecc256.badssl.com,,,,,,
 BadSSL,ecc384,,,badssl ecc384.badssl.com,,,,,,
 BadSSL,edellroot,,,badssl edellroot.badssl.com,,,"handshake failed: certificate verify failed due to ""unable to get local issuer certificate""",,,1
@@ -45,23 +49,30 @@
 BadSSL,rc4,,,badssl rc4.badssl.com,,,handshake failed: sslv3 alert handshake failure,,,1
 BadSSL,revoked,,,badssl revoked.badssl.com,,,"handshake failed: certificate verify failed due to ""certificate has expired""",,,1
 BadSSL,rsa2048,,,badssl rsa2048.badssl.com,,,,,,
 BadSSL,rsa4096,,,badssl rsa4096.badssl.com,,,,,,
 BadSSL,rsa8192,,,badssl rsa8192.badssl.com,,,,,,
-BadSSL,self-signed,,,badssl self-signed.badssl.com,,,"handshake failed: certificate verify failed due to ""self signed certificate""",,,1
+BadSSL,self-signed,old_api,,badssl self-signed.badssl.com,,,"handshake failed: certificate verify failed due to ""self signed certificate""",,,1
+BadSSL,self-signed,new_api,,badssl self-signed.badssl.com,,,"handshake failed: certificate verify failed due to ""self-signed certificate""",,,1
 BadSSL,sha1-2016,,,badssl sha1-2016.badssl.com,,,"handshake failed: certificate verify failed due to ""unable to get local issuer certificate""",,,1
-BadSSL,sha1-2017,,,badssl sha1-2017.badssl.com,,,"handshake failed: certificate verify failed due to ""certificate has expired""",,,1
+BadSSL,sha1-2017,old_api,,badssl sha1-2017.badssl.com,,,"handshake failed: certificate verify failed due to ""certificate has expired""",,,1
+BadSSL,sha1-2017,new_api,,badssl sha1-2017.badssl.com,,,"handshake failed: certificate verify failed due to ""CA signature digest algorithm too weak""",,,1
 BadSSL,sha1-intermediate,,,badssl sha1-intermediate.badssl.com,,,"handshake failed: certificate verify failed due to ""unable to get local issuer certificate""",,,1
 BadSSL,sha256,,,badssl sha256.badssl.com,,,,,,
 BadSSL,sha384,,,badssl sha384.badssl.com,,,"handshake failed: certificate verify failed due to ""certificate has expired""",,,1
 BadSSL,sha512,,,badssl sha512.badssl.com,,,"handshake failed: certificate verify failed due to ""certificate has expired""",,,1
 BadSSL,static-rsa,,,badssl static-rsa.badssl.com,,,,,,
-BadSSL,subdomain.preloaded-hsts,,,badssl subdomain.preloaded-hsts.badssl.com,,,"handshake failed: certificate verify failed due to ""Hostname mismatch""",,,1
+BadSSL,subdomain.preloaded-hsts,old_api,,badssl subdomain.preloaded-hsts.badssl.com,,,"handshake failed: certificate verify failed due to ""Hostname mismatch""",,,1
+BadSSL,subdomain.preloaded-hsts,new_api,,badssl subdomain.preloaded-hsts.badssl.com,,,"handshake failed: certificate verify failed due to ""hostname mismatch""",,,1
 BadSSL,superfish,,,badssl superfish.badssl.com,,,"handshake failed: certificate verify failed due to ""unable to get local issuer certificate""",,,1
-BadSSL,tls-v1-0:1010,tls1,,badssl tls-v1-0.badssl.com:1010,,,,,,
-BadSSL,tls-v1-1:1011,tls1.1,,badssl tls-v1-1.badssl.com:1011,,,,,,
+BadSSL,tls-v1-0:1010,tls1 old_api,,badssl tls-v1-0.badssl.com:1010,,,,,,
+BadSSL,tls-v1-0:1010,tls1 new_api,,badssl tls-v1-0.badssl.com:1010,,,handshake failed: unsupported protocol,,,1
+BadSSL,tls-v1-1:1011,tls1.1 old_api,,badssl tls-v1-1.badssl.com:1011,,,,,,
+BadSSL,tls-v1-1:1011,tls1.1 new_api,,badssl tls-v1-1.badssl.com:1011,,,handshake failed: unsupported protocol,,,1
 BadSSL,tls-v1-2:1012,tls1.2,,badssl tls-v1-2.badssl.com:1012,,,,,,
-BadSSL,untrusted-root,,,badssl untrusted-root.badssl.com,,,"handshake failed: certificate verify failed due to ""self signed certificate in certificate chain""",,,1
+BadSSL,untrusted-root,old_api,,badssl untrusted-root.badssl.com,,,"handshake failed: certificate verify failed due to ""self signed certificate in certificate chain""",,,1
+BadSSL,untrusted-root,new_api,,badssl untrusted-root.badssl.com,,,"handshake failed: certificate verify failed due to ""self-signed certificate in certificate chain""",,,1
 BadSSL,upgrade,,,badssl upgrade.badssl.com,,,,,,
 BadSSL,webpack-dev-server,,,badssl webpack-dev-server.badssl.com,,,"handshake failed: certificate verify failed due to ""unable to get local issuer certificate""",,,1
-BadSSL,wrong.host,,,badssl wrong.host.badssl.com,,,"handshake failed: certificate verify failed due to ""Hostname mismatch""",,,1
+BadSSL,wrong.host,old_api,,badssl wrong.host.badssl.com,,,"handshake failed: certificate verify failed due to ""Hostname mismatch""",,,1
+BadSSL,wrong.host,new_api,,badssl wrong.host.badssl.com,,,"handshake failed: certificate verify failed due to ""hostname mismatch""",,,1
 BadSSL,mozilla-modern,,,badssl mozilla-modern.badssl.com,,,,,,

Index: tests/badssl.test
==================================================================
--- tests/badssl.test
+++ tests/badssl.test
@@ -29,223 +29,267 @@
 
 test BadSSL-1.3 {3des} -body {
 	badssl 3des.badssl.com
     } -result {handshake failed: sslv3 alert handshake failure} -returnCodes {1}
 
-test BadSSL-1.4 {captive-portal} -body {
+test BadSSL-1.4 {captive-portal} -constraints {old_api} -body {
 	badssl captive-portal.badssl.com
     } -result {handshake failed: certificate verify failed due to "Hostname mismatch"} -returnCodes {1}
 
-test BadSSL-1.5 {cbc} -body {
+test BadSSL-1.5 {captive-portal} -constraints {new_api} -body {
+	badssl captive-portal.badssl.com
+    } -result {handshake failed: certificate verify failed due to "hostname mismatch"} -returnCodes {1}
+
+test BadSSL-1.6 {cbc} -body {
 	badssl cbc.badssl.com
     }
 
-test BadSSL-1.6 {client-cert-missing} -body {
+test BadSSL-1.7 {client-cert-missing} -body {
 	badssl client-cert-missing.badssl.com
     }
 
-test BadSSL-1.7 {client} -body {
+test BadSSL-1.8 {client} -body {
 	badssl client.badssl.com
     }
 
-test BadSSL-1.8 {dh-composite} -body {
+test BadSSL-1.9 {dh-composite} -constraints {old_api} -body {
+	badssl dh-composite.badssl.com
+    }
+
+test BadSSL-1.10 {dh-composite} -constraints {new_api} -body {
 	badssl dh-composite.badssl.com
-    }
+    } -result {handshake failed: dh key too small} -returnCodes {1}
 
-test BadSSL-1.9 {dh-small-subgroup} -body {
+test BadSSL-1.11 {dh-small-subgroup} -body {
 	badssl dh-small-subgroup.badssl.com
     }
 
-test BadSSL-1.10 {dh480} -body {
+test BadSSL-1.12 {dh480} -constraints {old_api} -body {
 	badssl dh480.badssl.com
     } -result {handshake failed: dh key too small} -returnCodes {1}
 
-test BadSSL-1.11 {dh512} -body {
+test BadSSL-1.13 {dh480} -constraints {new_api} -body {
+	badssl dh480.badssl.com
+    } -result {handshake failed: modulus too small} -returnCodes {1}
+
+test BadSSL-1.14 {dh512} -body {
 	badssl dh512.badssl.com
     } -result {handshake failed: dh key too small} -returnCodes {1}
 
-test BadSSL-1.12 {dh1024} -body {
+test BadSSL-1.15 {dh1024} -constraints {old_api} -body {
+	badssl dh1024.badssl.com
+    }
+
+test BadSSL-1.16 {dh1024} -constraints {new_api} -body {
 	badssl dh1024.badssl.com
-    }
+    } -result {handshake failed: dh key too small} -returnCodes {1}
 
-test BadSSL-1.13 {dh2048} -body {
+test BadSSL-1.17 {dh2048} -body {
 	badssl dh2048.badssl.com
     }
 
-test BadSSL-1.14 {dsdtestprovider} -body {
+test BadSSL-1.18 {dsdtestprovider} -body {
 	badssl dsdtestprovider.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.15 {ecc256} -body {
+test BadSSL-1.19 {ecc256} -body {
 	badssl ecc256.badssl.com
     }
 
-test BadSSL-1.16 {ecc384} -body {
+test BadSSL-1.20 {ecc384} -body {
 	badssl ecc384.badssl.com
     }
 
-test BadSSL-1.17 {edellroot} -body {
+test BadSSL-1.21 {edellroot} -body {
 	badssl edellroot.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.18 {expired} -body {
+test BadSSL-1.22 {expired} -body {
 	badssl expired.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.19 {extended-validation} -body {
+test BadSSL-1.23 {extended-validation} -body {
 	badssl extended-validation.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.20 {hsts} -body {
+test BadSSL-1.24 {hsts} -body {
 	badssl hsts.badssl.com
     }
 
-test BadSSL-1.21 {https-everywhere} -body {
+test BadSSL-1.25 {https-everywhere} -body {
 	badssl https-everywhere.badssl.com
     }
 
-test BadSSL-1.22 {incomplete-chain} -body {
+test BadSSL-1.26 {incomplete-chain} -body {
 	badssl incomplete-chain.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.23 {invalid-expected-sct} -body {
+test BadSSL-1.27 {invalid-expected-sct} -body {
 	badssl invalid-expected-sct.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.24 {long-extended-subdomain-name-containing-many-letters-and-dashes} -body {
+test BadSSL-1.28 {long-extended-subdomain-name-containing-many-letters-and-dashes} -body {
 	badssl long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com
     }
 
-test BadSSL-1.25 {longextendedsubdomainnamewithoutdashesinordertotestwordwrapping} -body {
+test BadSSL-1.29 {longextendedsubdomainnamewithoutdashesinordertotestwordwrapping} -body {
 	badssl longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com
     }
 
-test BadSSL-1.26 {mitm-software} -body {
+test BadSSL-1.30 {mitm-software} -body {
 	badssl mitm-software.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.27 {no-common-name} -body {
+test BadSSL-1.31 {no-common-name} -body {
 	badssl no-common-name.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.28 {no-sct} -body {
+test BadSSL-1.32 {no-sct} -body {
 	badssl no-sct.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.29 {no-subject} -body {
+test BadSSL-1.33 {no-subject} -body {
 	badssl no-subject.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.30 {null} -body {
+test BadSSL-1.34 {null} -body {
 	badssl null.badssl.com
     } -result {handshake failed: sslv3 alert handshake failure} -returnCodes {1}
 
-test BadSSL-1.31 {pinning-test} -body {
+test BadSSL-1.35 {pinning-test} -body {
 	badssl pinning-test.badssl.com
     }
 
-test BadSSL-1.32 {preact-cli} -body {
+test BadSSL-1.36 {preact-cli} -body {
 	badssl preact-cli.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.33 {preloaded-hsts} -body {
+test BadSSL-1.37 {preloaded-hsts} -body {
 	badssl preloaded-hsts.badssl.com
     }
 
-test BadSSL-1.34 {rc4-md5} -body {
+test BadSSL-1.38 {rc4-md5} -body {
 	badssl rc4-md5.badssl.com
     } -result {handshake failed: sslv3 alert handshake failure} -returnCodes {1}
 
-test BadSSL-1.35 {rc4} -body {
+test BadSSL-1.39 {rc4} -body {
 	badssl rc4.badssl.com
     } -result {handshake failed: sslv3 alert handshake failure} -returnCodes {1}
 
-test BadSSL-1.36 {revoked} -body {
+test BadSSL-1.40 {revoked} -body {
 	badssl revoked.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.37 {rsa2048} -body {
+test BadSSL-1.41 {rsa2048} -body {
 	badssl rsa2048.badssl.com
     }
 
-test BadSSL-1.38 {rsa4096} -body {
+test BadSSL-1.42 {rsa4096} -body {
 	badssl rsa4096.badssl.com
     }
 
-test BadSSL-1.39 {rsa8192} -body {
+test BadSSL-1.43 {rsa8192} -body {
 	badssl rsa8192.badssl.com
     }
 
-test BadSSL-1.40 {self-signed} -body {
+test BadSSL-1.44 {self-signed} -constraints {old_api} -body {
 	badssl self-signed.badssl.com
     } -result {handshake failed: certificate verify failed due to "self signed certificate"} -returnCodes {1}
 
-test BadSSL-1.41 {sha1-2016} -body {
+test BadSSL-1.45 {self-signed} -constraints {new_api} -body {
+	badssl self-signed.badssl.com
+    } -result {handshake failed: certificate verify failed due to "self-signed certificate"} -returnCodes {1}
+
+test BadSSL-1.46 {sha1-2016} -body {
 	badssl sha1-2016.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.42 {sha1-2017} -body {
+test BadSSL-1.47 {sha1-2017} -constraints {old_api} -body {
 	badssl sha1-2017.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.43 {sha1-intermediate} -body {
+test BadSSL-1.48 {sha1-2017} -constraints {new_api} -body {
+	badssl sha1-2017.badssl.com
+    } -result {handshake failed: certificate verify failed due to "CA signature digest algorithm too weak"} -returnCodes {1}
+
+test BadSSL-1.49 {sha1-intermediate} -body {
 	badssl sha1-intermediate.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.44 {sha256} -body {
+test BadSSL-1.50 {sha256} -body {
 	badssl sha256.badssl.com
     }
 
-test BadSSL-1.45 {sha384} -body {
+test BadSSL-1.51 {sha384} -body {
 	badssl sha384.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.46 {sha512} -body {
+test BadSSL-1.52 {sha512} -body {
 	badssl sha512.badssl.com
     } -result {handshake failed: certificate verify failed due to "certificate has expired"} -returnCodes {1}
 
-test BadSSL-1.47 {static-rsa} -body {
+test BadSSL-1.53 {static-rsa} -body {
 	badssl static-rsa.badssl.com
     }
 
-test BadSSL-1.48 {subdomain.preloaded-hsts} -body {
+test BadSSL-1.54 {subdomain.preloaded-hsts} -constraints {old_api} -body {
 	badssl subdomain.preloaded-hsts.badssl.com
     } -result {handshake failed: certificate verify failed due to "Hostname mismatch"} -returnCodes {1}
 
-test BadSSL-1.49 {superfish} -body {
+test BadSSL-1.55 {subdomain.preloaded-hsts} -constraints {new_api} -body {
+	badssl subdomain.preloaded-hsts.badssl.com
+    } -result {handshake failed: certificate verify failed due to "hostname mismatch"} -returnCodes {1}
+
+test BadSSL-1.56 {superfish} -body {
 	badssl superfish.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.50 {tls-v1-0:1010} -constraints {tls1} -body {
+test BadSSL-1.57 {tls-v1-0:1010} -constraints {tls1 old_api} -body {
 	badssl tls-v1-0.badssl.com:1010
     }
 
-test BadSSL-1.51 {tls-v1-1:1011} -constraints {tls1.1} -body {
+test BadSSL-1.58 {tls-v1-0:1010} -constraints {tls1 new_api} -body {
+	badssl tls-v1-0.badssl.com:1010
+    } -result {handshake failed: unsupported protocol} -returnCodes {1}
+
+test BadSSL-1.59 {tls-v1-1:1011} -constraints {tls1.1 old_api} -body {
 	badssl tls-v1-1.badssl.com:1011
     }
 
-test BadSSL-1.52 {tls-v1-2:1012} -constraints {tls1.2} -body {
+test BadSSL-1.60 {tls-v1-1:1011} -constraints {tls1.1 new_api} -body {
+	badssl tls-v1-1.badssl.com:1011
+    } -result {handshake failed: unsupported protocol} -returnCodes {1}
+
+test BadSSL-1.61 {tls-v1-2:1012} -constraints {tls1.2} -body {
 	badssl tls-v1-2.badssl.com:1012
     }
 
-test BadSSL-1.53 {untrusted-root} -body {
+test BadSSL-1.62 {untrusted-root} -constraints {old_api} -body {
 	badssl untrusted-root.badssl.com
     } -result {handshake failed: certificate verify failed due to "self signed certificate in certificate chain"} -returnCodes {1}
 
-test BadSSL-1.54 {upgrade} -body {
+test BadSSL-1.63 {untrusted-root} -constraints {new_api} -body {
+	badssl untrusted-root.badssl.com
+    } -result {handshake failed: certificate verify failed due to "self-signed certificate in certificate chain"} -returnCodes {1}
+
+test BadSSL-1.64 {upgrade} -body {
 	badssl upgrade.badssl.com
     }
 
-test BadSSL-1.55 {webpack-dev-server} -body {
+test BadSSL-1.65 {webpack-dev-server} -body {
 	badssl webpack-dev-server.badssl.com
     } -result {handshake failed: certificate verify failed due to "unable to get local issuer certificate"} -returnCodes {1}
 
-test BadSSL-1.56 {wrong.host} -body {
+test BadSSL-1.66 {wrong.host} -constraints {old_api} -body {
 	badssl wrong.host.badssl.com
     } -result {handshake failed: certificate verify failed due to "Hostname mismatch"} -returnCodes {1}
 
-test BadSSL-1.57 {mozilla-modern} -body {
+test BadSSL-1.67 {wrong.host} -constraints {new_api} -body {
+	badssl wrong.host.badssl.com
+    } -result {handshake failed: certificate verify failed due to "hostname mismatch"} -returnCodes {1}
+
+test BadSSL-1.68 {mozilla-modern} -body {
 	badssl mozilla-modern.badssl.com
     }
 
 # Cleanup
 ::tcltest::cleanupTests

Index: tests/common.tcl
==================================================================
--- tests/common.tcl
+++ tests/common.tcl
@@ -18,5 +18,11 @@
 ::tcltest::testConstraint OpenSSL [string match "OpenSSL*" [::tls::version]]
 
 # Legacy OpenSSL v1.1.1 vs new v3.x
 scan [lindex [split [::tls::version]] 1] %f version
 ::tcltest::testConstraint new_api [expr {$version >= 3.0}]
+::tcltest::testConstraint old_api [expr {$version < 3.0}]
+
+# Load legacy provider
+if {$version >= 3.0} {
+    tls::provider legacy
+}