diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -18,6 +18,24 @@
 import platform
 import functools
 
+if sys.platform == 'darwin':
+    # Apple's installation of OpenSSL in /usr/lib is patched to
+    # integrate with Apple's KeyChain. OpenSSL will verify certificates
+    # using the CA roots that are part of the system and user keychains,
+    # unless that code is disabled using an environment variable.
+    #
+    # The environment variable below disables the keychain integration,
+    # and avoids test failures when the CAcert root certificate (the signer
+    # of the certificate for svn.python.org) happens to be in the keychain of 
+    # a system where the tests are run.
+    #
+    # Note: this cannot be done in a setUp method for NetworkedTests because
+    # the presence of the environment variable is cached by OpenSSL, and some
+    # other test might trigger the check for the environment variable before
+    # NetworkedTests is run.
+    os.putenv("OPENSSL_X509_TEA_DISABLE", "1")
+
+
 ssl = support.import_module("ssl")
 
 PROTOCOLS = [