diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c

index 57b76c0..814ec4f 100644

--- a/modules/ssl/ssl_engine_init.c

+++ b/modules/ssl/ssl_engine_init.c

@@ -1522,70 +1522,18 @@ void ssl_init_CheckServers(SSLModConfigRec *mc, server_rec *base_server, apr_poo

     }

 }

-static int ssl_init_FindCAList_X509NameCmp(const X509_NAME * const *a,

-                                           const X509_NAME * const *b)

-{

-    return(X509_NAME_cmp(*a, *b));

-}

-

-static void ssl_init_PushCAList(STACK_OF(X509_NAME) *ca_list,

-                                server_rec *s, apr_pool_t *ptemp,

-                                const char *file)

-{

-    int n;

-    STACK_OF(X509_NAME) *sk;

-

-    sk = (STACK_OF(X509_NAME) *)

-             SSL_load_client_CA_file(file);

-

-    if (!sk) {

-        return;

-    }

-

-    for (n = 0; n < sk_X509_NAME_num(sk); n++) {

-        X509_NAME *name = sk_X509_NAME_value(sk, n);

-

-        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02209)

-                     "CA certificate: %s",

-                     SSL_X509_NAME_to_string(ptemp, name, 0));

-

-        /*

-         * note that SSL_load_client_CA_file() checks for duplicates,

-         * but since we call it multiple times when reading a directory

-         * we must also check for duplicates ourselves.

-         */

-

-        if (sk_X509_NAME_find(ca_list, name) < 0) {

-            /* this will be freed when ca_list is */

-            sk_X509_NAME_push(ca_list, name);

-        }

-        else {

-            /* need to free this ourselves, else it will leak */

-            X509_NAME_free(name);

-        }

-    }

-

-    sk_X509_NAME_free(sk);

-}

-

 STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s,

                                          apr_pool_t *ptemp,

                                          const char *ca_file,

                                          const char *ca_path)

 {

-    STACK_OF(X509_NAME) *ca_list;

-

-    /*

-     * Start with a empty stack/list where new

-     * entries get added in sorted order.

-     */

-    ca_list = sk_X509_NAME_new(ssl_init_FindCAList_X509NameCmp);

+    STACK_OF(X509_NAME) *ca_list = sk_X509_NAME_new_null();;

     /*

      * Process CA certificate bundle file

      */

     if (ca_file) {

-        ssl_init_PushCAList(ca_list, s, ptemp, ca_file);

+        SSL_add_file_cert_subjects_to_stack(ca_list, ca_file);

         /*

          * If ca_list is still empty after trying to load ca_file

          * then the file failed to load, and users should hear about that.

@@ -1619,17 +1567,12 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s,

                 continue; /* don't try to load directories */

             }

             file = apr_pstrcat(ptemp, ca_path, "/", direntry.name, NULL);

-            ssl_init_PushCAList(ca_list, s, ptemp, file);

+            SSL_add_file_cert_subjects_to_stack(ca_list, file);

         }

         apr_dir_close(dir);

     }

-    /*

-     * Cleanup

-     */

-    (void) sk_X509_NAME_set_cmp_func(ca_list, NULL);

-

     return ca_list;

 }