diff --git a/cheroot/_compat.py b/cheroot/_compat.py
index dbe5c6d2ff..edbfe28dc6 100644
--- a/cheroot/_compat.py
+++ b/cheroot/_compat.py
@@ -8,9 +8,11 @@
 try:
     import ssl
     IS_ABOVE_OPENSSL10 = ssl.OPENSSL_VERSION_INFO >= (1, 1)
+    IS_ABOVE_OPENSSL31 = ssl.OPENSSL_VERSION_INFO >= (3, 2)
     del ssl
 except ImportError:
     IS_ABOVE_OPENSSL10 = None
+    IS_ABOVE_OPENSSL31 = None
 
 
 IS_CI = bool(os.getenv('CI'))
diff --git a/cheroot/_compat.pyi b/cheroot/_compat.pyi
index 67d93cf6c2..785259d20e 100644
--- a/cheroot/_compat.pyi
+++ b/cheroot/_compat.pyi
@@ -3,6 +3,7 @@ from typing import Any, ContextManager, Optional, Type, Union
 def suppress(*exceptions: Type[BaseException]) -> ContextManager[None]: ...
 
 IS_ABOVE_OPENSSL10: Optional[bool]
+IS_ABOVE_OPENSSL31: Optional[bool]
 IS_CI: bool
 IS_GITHUB_ACTIONS_WORKFLOW: bool
 IS_PYPY: bool
diff --git a/cheroot/test/test_ssl.py b/cheroot/test/test_ssl.py
index 1900e20d15..900d39ed36 100644
--- a/cheroot/test/test_ssl.py
+++ b/cheroot/test/test_ssl.py
@@ -17,7 +17,7 @@
 import trustme
 
 from .._compat import bton, ntob, ntou
-from .._compat import IS_ABOVE_OPENSSL10, IS_CI, IS_PYPY
+from .._compat import IS_ABOVE_OPENSSL10, IS_ABOVE_OPENSSL31, IS_CI, IS_PYPY
 from .._compat import IS_LINUX, IS_MACOS, IS_WINDOWS
 from ..server import HTTPServer, get_ssl_adapter_class
 from ..testing import (
@@ -597,7 +597,8 @@ def test_https_over_http_error(http_server, ip_addr):
             ),
         ).request('GET', '/')
     expected_substring = (
-        'wrong version number' if IS_ABOVE_OPENSSL10
+        'record layer failure' if IS_ABOVE_OPENSSL31
+        else 'wrong version number' if IS_ABOVE_OPENSSL10
         else 'unknown protocol'
     )
     assert expected_substring in ssl_err.value.args[-1]