diff --git a/build/tests/01-base.sh b/build/tests/01-base.sh
index d19488e08cf8..7786204d60f8 100755
--- a/build/tests/01-base.sh
+++ b/build/tests/01-base.sh
@@ -107,13 +107,8 @@ assert_exec 0 'root' "/usr/local/openresty/bin/resty -e 'print(jit.version)' | g
 ###
 
 # check which ssl openresty is using
-if docker_exec root '/usr/local/openresty/bin/openresty -V 2>&1' | grep 'BoringSSL'; then
-    msg_test 'openresty binary uses expected boringssl version'
-    assert_exec 0 'root' "/usr/local/openresty/bin/openresty -V 2>&1 | grep '1.1.0'"
-else
-    msg_test 'openresty binary uses expected openssl version'
-    assert_exec 0 'root' "/usr/local/openresty/bin/openresty -V 2>&1 | grep '${OPENSSL}'"
-fi
+msg_test 'openresty binary uses expected openssl version'
+assert_exec 0 'root' "/usr/local/openresty/bin/openresty -V 2>&1 | grep '${OPENSSL}'"
 
 msg_test 'openresty binary is linked to kong-provided ssl libraries'
 assert_exec 0 'root' "ldd /usr/local/openresty/bin/openresty | grep -E 'libssl.so.*kong/lib'"
diff --git a/spec/helpers/ssl.lua b/spec/helpers/ssl.lua
index 204403cf5264..03714ce4badc 100644
--- a/spec/helpers/ssl.lua
+++ b/spec/helpers/ssl.lua
@@ -2,7 +2,6 @@ local ffi = require "ffi"
 local C = ffi.C
 local bit = require "bit"
 local format_error = require("resty.openssl.err").format_error
-local BORINGSSL = require("resty.openssl.version").BORINGSSL
 require "resty.openssl.include.ssl"
 
 ffi.cdef [[
@@ -76,24 +75,18 @@ local errors = {
   SSL_ERROR_WANT_RETRY_VERIFY = 12,
 }
 
+local SOCKET_INVALID = -1
+local SSL_FILETYPE_PEM = 1
+
 local errors_literal = {}
 for k, v in pairs(errors) do
   errors_literal[v] = k
 end
 
-local SOCKET_INVALID = -1
-
-
-local ssl_set_mode
-if BORINGSSL then
-  ssl_set_mode = function(...) return C.SSL_set_mode(...) end
-else
-  local SSL_CTRL_MODE = 33
-  ssl_set_mode = function(ctx, mode) return C.SSL_ctrl(ctx, SSL_CTRL_MODE, mode, nil) end
+local function ssl_set_mode(ctx, mode)
+  return C.SSL_ctrl(ctx, 33, mode, nil)
 end
 
-local SSL_FILETYPE_PEM = 1
-
 local function ssl_ctx_new(cfg)
   if cfg.protocol and cfg.protocol ~= "any" then
     return nil, "protocol other than 'any' is currently not supported"
@@ -166,10 +159,10 @@ function SSL.wrap(sock, cfg)
       ctx = s,
       fd = fd,
     }, ssl_mt)
-  
+
     return self, nil
    end
-   return nil, err 
+   return nil, err
 end
 
 local function socket_waitfd(fd, events, timeout)