diff --git a/lib/modules/SSL.pmod/Connection.pike b/lib/modules/SSL.pmod/Connection.pike
index 68e11dfc664450db19c3197bcb0c356cb83e2579..bdc53ecfd12604426d089739b1891485e3fe02e0 100644
--- a/lib/modules/SSL.pmod/Connection.pike
+++ b/lib/modules/SSL.pmod/Connection.pike
@@ -264,7 +264,9 @@ int verify_certificate_chain(array(string) certs)
   mapping result =
     Standards.X509.verify_certificate_chain(certs,
                                             context->trusted_issuers_cache,
-					    context->require_trust);
+					    context->require_trust,
+					    ([ "verifier_algorithms"
+                                               : context->verifier_algorithms]));
 
   // This data isn't actually used internally.
   session->cert_data = result;
diff --git a/lib/modules/SSL.pmod/Context.pike b/lib/modules/SSL.pmod/Context.pike
index 7071d3607308938a7c7b430886c9538c3677567a..3c916fa998531564f435c1658369ca2b7ee1475d 100644
--- a/lib/modules/SSL.pmod/Context.pike
+++ b/lib/modules/SSL.pmod/Context.pike
@@ -70,6 +70,22 @@ ProtocolVersion max_version = PROTOCOL_TLS_MAX;
 //! protocol negotiation.
 array(string(8bit)) advertised_protocols;
 
+//! Mapping of supported verifier algorithms to hash implementation.
+//!
+//! @seealso
+//!   @[Standards.X509.get_algorithms()]
+mapping(Standards.ASN1.Types.Identifier:Crypto.Hash) verifier_algorithms
+= filter(Standards.X509.get_algorithms(),
+                                     lambda(object o) {
+    return !(<
+#if constant(Crypto.MD2)
+        Crypto.MD2,
+#endif
+        Crypto.MD5,
+        Crypto.SHA1
+    >)[o];
+});
+
 //! The maximum amount of data that is sent in each SSL packet by
 //! @[File]. A value between 1 and @[Constants.PACKET_MAX_SIZE].
 int packet_max_size = PACKET_MAX_SIZE;