diff --git a/SOURCES/9900-centos-fix-ssl-connection-resets.patch b/SOURCES/9900-centos-fix-ssl-connection-resets.patch
new file mode 100644
index 0000000..952ca69
--- /dev/null
+++ b/SOURCES/9900-centos-fix-ssl-connection-resets.patch
@@ -0,0 +1,21 @@
+diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
+index 0aeabc10f2..72b7a94a21 100644
+--- a/Lib/test/test_ssl.py
++++ b/Lib/test/test_ssl.py
+@@ -2021,6 +2021,16 @@ if _have_threads:
+                                 sys.stdout.write(" server: read %r (%s), sending back %r (%s)...\n"
+                                                  % (msg, ctype, msg.lower(), ctype))
+                             self.write(msg.lower())
++                    except ConnectionResetError:
++                        # XXX: OpenSSL 1.1.1 sometimes raises ConnectionResetError
++                        # when connection is not shut down gracefully.
++                        if self.server.chatty and support.verbose:
++                            sys.stdout.write(
++                                " Connection reset by peer: {}\n".format(
++                                    self.addr)
++                            )
++                        self.close()
++                        self.running = False
+                     except OSError:
+                         if self.server.chatty:
+                             handle_error("Test server failure:\n")
diff --git a/SPECS/python3.spec b/SPECS/python3.spec
index cd3978c..e379743 100644
--- a/SPECS/python3.spec
+++ b/SPECS/python3.spec
@@ -14,7 +14,7 @@ URL: https://www.python.org/
 #  WARNING  When rebasing to a new Python version,
 #           remember to update the python3-docs package as well
 Version: %{pybasever}.8
-Release: 2%{?dist}
+Release: 2%{?dist}.0.1
 License: Python
 
 
@@ -362,6 +362,8 @@ Patch294: 00294-define-TLS-cipher-suite-on-build-time.patch
 # Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1693973
 Patch320: 00320-CVE-2019-9636.patch
 
+Patch9900: 9900-centos-fix-ssl-connection-resets.patch
+
 # (New patches go here ^^^)
 #
 # When adding new patches to "python" and "python3" in Fedora, EL, etc.,
@@ -643,6 +645,7 @@ sed -r -i s/'_PIP_VERSION = "[0-9.]+"'/'_PIP_VERSION = "%{pip_version}"'/ Lib/en
 %patch294 -p1
 %patch320 -p1
 
+%patch9900 -p1
 
 # Remove files that should be generated by the build
 # (This is after patching, so that we can use patches directly from upstream)
@@ -1563,6 +1566,9 @@ fi
 # ======================================================
 
 %changelog
+* Tue May 21 2019 Pablo Greco <pgreco@centosproject.org> - 3.6.8-2.0.1
+- Fix tests with openssl 1.1.1.
+
 * Wed Apr 3 2019 Miro Hrončok <mhroncok@redhat.com> - 3.6.8-2
 - Security fix for CVE-2019-9636 (rhbz#1693973)