diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 23b692c..7972ae5 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -2505,20 +2505,6 @@
 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
 requires_config_enabled MBEDTLS_RSA_C
 requires_hash_alg SHA_256
-run_test    "Opaque key for server authentication: RSA-" \
-            "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
-            "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
-            0 \
-            -c "Verifying peer X.509 certificate... ok" \
-            -c "Ciphersuite is TLS-RSA-" \
-            -s "key types: Opaque, Opaque" \
-            -s "Ciphersuite is TLS-RSA-" \
-            -S "error" \
-            -C "error"
-
-requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
-requires_config_enabled MBEDTLS_RSA_C
-requires_hash_alg SHA_256
 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
 run_test    "Opaque key for server authentication: ECDHE-RSA, PSS instead of PKCS1" \
             "$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
@@ -3618,7 +3604,7 @@
 
 run_test    "Encrypt then MAC: default" \
             "$P_SRV debug_level=3 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             "$P_CLI debug_level=3" \
             0 \
             -c "client hello, adding encrypt_then_mac extension" \
@@ -3630,7 +3616,7 @@
 
 run_test    "Encrypt then MAC: client enabled, server disabled" \
             "$P_SRV debug_level=3 etm=0 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             "$P_CLI debug_level=3 etm=1" \
             0 \
             -c "client hello, adding encrypt_then_mac extension" \
@@ -3642,7 +3628,7 @@
 
 run_test    "Encrypt then MAC: client enabled, aead cipher" \
             "$P_SRV debug_level=3 etm=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256" \
             "$P_CLI debug_level=3 etm=1" \
             0 \
             -c "client hello, adding encrypt_then_mac extension" \
@@ -3654,7 +3640,7 @@
 
 run_test    "Encrypt then MAC: client disabled, server enabled" \
             "$P_SRV debug_level=3 etm=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             "$P_CLI debug_level=3 etm=0" \
             0 \
             -C "client hello, adding encrypt_then_mac extension" \
@@ -3740,7 +3726,7 @@
 
 run_test    "CBC Record splitting: TLS 1.2, no splitting" \
             "$P_SRV force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
              request_size=123" \
             0 \
             -s "Read from client: 123 bytes read" \
@@ -7776,20 +7762,6 @@
 
 # Tests for keyUsage in leaf certificates, part 2:
 # client-side checking of server cert
-#
-# TLS 1.3 uses only signature, but for 1.2 it depends on the key exchange.
-# In 4.0 this will probably change as all TLS 1.2 key exchanges will use
-# signatures too, following the removal of RSA #8170 and static ECDH #9201.
-
-run_test    "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, RSA: OK" \
-            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
-             -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \
-            "$P_CLI debug_level=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
-            0 \
-            -C "bad certificate (usage extensions)" \
-            -C "Processing of the Certificate handshake message failed" \
-            -c "Ciphersuite is TLS-"
 
 run_test    "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, ECDHE-RSA: OK" \
             "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
@@ -7801,16 +7773,6 @@
             -C "Processing of the Certificate handshake message failed" \
             -c "Ciphersuite is TLS-"
 
-run_test    "keyUsage cli 1.2: KeyEncipherment, RSA: OK" \
-            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
-             -cert $DATA_FILES_PATH/server2.ku-ke.crt" \
-            "$P_CLI debug_level=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
-            0 \
-            -C "bad certificate (usage extensions)" \
-            -C "Processing of the Certificate handshake message failed" \
-            -c "Ciphersuite is TLS-"
-
 run_test    "keyUsage cli 1.2: KeyEncipherment, ECDHE-RSA: fail (hard)" \
             "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
              -cert $DATA_FILES_PATH/server2.ku-ke.crt" \
@@ -7846,31 +7808,6 @@
             -C "Processing of the Certificate handshake message failed" \
             -c "Ciphersuite is TLS-"
 
-run_test    "keyUsage cli 1.2: DigitalSignature, RSA: fail (hard)" \
-            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
-             -cert $DATA_FILES_PATH/server2.ku-ds.crt" \
-            "$P_CLI debug_level=3 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
-            1 \
-            -c "bad certificate (usage extensions)" \
-            -c "Processing of the Certificate handshake message failed" \
-            -C "Ciphersuite is TLS-" \
-            -c "send alert level=2 message=43" \
-            -c "! Usage does not match the keyUsage extension"
-            # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
-
-run_test    "keyUsage cli 1.2: DigitalSignature, RSA: fail (soft)" \
-            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \
-             -cert $DATA_FILES_PATH/server2.ku-ds.crt" \
-            "$P_CLI debug_level=3 auth_mode=optional \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
-            0 \
-            -c "bad certificate (usage extensions)" \
-            -C "Processing of the Certificate handshake message failed" \
-            -c "Ciphersuite is TLS-" \
-            -C "send alert level=2 message=43" \
-            -c "! Usage does not match the keyUsage extension"
-
 requires_openssl_tls1_3_with_compatible_ephemeral
 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
 run_test    "keyUsage cli 1.3: DigitalSignature, RSA: OK" \
@@ -8981,14 +8918,14 @@
 run_test    "Small client packet TLS 1.2 BlockCipher" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \
             0 \
             -s "Read from client: 1 bytes read"
 
@@ -9002,14 +8939,14 @@
 run_test    "Small client packet TLS 1.2 AEAD" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+             force_ciphersuite=TLS-ECDSA-RSA-WITH-AES-256-CCM" \
             0 \
             -s "Read from client: 1 bytes read"
 
 run_test    "Small client packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+             force_ciphersuite=TLS-ECDSA-RSA-WITH-AES-256-CCM-8" \
             0 \
             -s "Read from client: 1 bytes read"
 
@@ -9035,7 +8972,7 @@
 run_test    "Small client packet DTLS 1.2" \
             "$P_SRV dtls=1 force_version=dtls12" \
             "$P_CLI dtls=1 request_size=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "Read from client: 1 bytes read"
 
@@ -9043,7 +8980,7 @@
 run_test    "Small client packet DTLS 1.2, without EtM" \
             "$P_SRV dtls=1 force_version=dtls12 etm=0" \
             "$P_CLI dtls=1 request_size=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "Read from client: 1 bytes read"
 
@@ -9051,13 +8988,13 @@
 
 run_test    "Small server packet TLS 1.2 BlockCipher" \
             "$P_SRV response_size=1 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV response_size=1 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA etm=0" \
             0 \
             -c "Read from server: 1 bytes read"
 
@@ -9069,13 +9006,13 @@
 
 run_test    "Small server packet TLS 1.2 AEAD" \
             "$P_SRV response_size=1 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \
             0 \
             -c "Read from server: 1 bytes read"
 
 run_test    "Small server packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV response_size=1 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \
             0 \
             -c "Read from server: 1 bytes read"
 
@@ -9099,7 +9036,7 @@
 run_test    "Small server packet DTLS 1.2" \
             "$P_SRV dtls=1 response_size=1 force_version=dtls12" \
             "$P_CLI dtls=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "Read from server: 1 bytes read"
 
@@ -9107,7 +9044,7 @@
 run_test    "Small server packet DTLS 1.2, without EtM" \
             "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
             "$P_CLI dtls=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "Read from server: 1 bytes read"
 
@@ -9121,7 +9058,7 @@
 run_test    "Large client packet TLS 1.2 BlockCipher" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=16384 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9129,7 +9066,7 @@
 run_test    "Large client packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=16384 etm=0 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
 
@@ -9144,7 +9081,7 @@
 run_test    "Large client packet TLS 1.2 AEAD" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=16384 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9152,7 +9089,7 @@
 run_test    "Large client packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV force_version=tls12" \
             "$P_CLI request_size=16384 \
-             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \
             0 \
             -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
             -s "Read from client: $MAX_CONTENT_LEN bytes read"
@@ -9178,13 +9115,13 @@
 # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
 run_test    "Large server packet TLS 1.2 BlockCipher" \
             "$P_SRV response_size=16384 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -c "Read from server: 16384 bytes read"
 
 run_test    "Large server packet TLS 1.2 BlockCipher, without EtM" \
             "$P_SRV response_size=16384 force_version=tls12" \
-            "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
+            "$P_CLI etm=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
             0 \
             -s "16384 bytes written in 1 fragments" \
             -c "Read from server: 16384 bytes read"
@@ -9197,20 +9134,20 @@
 
 run_test    "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
             "$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
             0 \
             -s "16384 bytes written in 1 fragments" \
             -c "Read from server: 16384 bytes read"
 
 run_test    "Large server packet TLS 1.2 AEAD" \
             "$P_SRV response_size=16384 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM" \
             0 \
             -c "Read from server: 16384 bytes read"
 
 run_test    "Large server packet TLS 1.2 AEAD shorter tag" \
             "$P_SRV response_size=16384 force_version=tls12" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CCM-8" \
             0 \
             -c "Read from server: 16384 bytes read"
 
@@ -9542,7 +9479,7 @@
 run_test    "SSL async private: decrypt, delay=0" \
             "$P_SRV \
              async_operations=d async_private_delay1=0 async_private_delay2=0" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             0 \
             -s "Async decrypt callback: using key slot " \
             -s "Async resume (slot [0-9]): decrypt done, status=0"
@@ -9551,38 +9488,12 @@
 run_test    "SSL async private: decrypt, delay=1" \
             "$P_SRV \
              async_operations=d async_private_delay1=1 async_private_delay2=1" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             0 \
             -s "Async decrypt callback: using key slot " \
             -s "Async resume (slot [0-9]): call 0 more times." \
             -s "Async resume (slot [0-9]): decrypt done, status=0"
 
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test    "SSL async private: sign callback not present" \
-            "$P_SRV \
-             async_operations=d async_private_delay1=1 async_private_delay2=1" \
-            "$P_CLI force_version=tls12; [ \$? -eq 1 ] &&
-             $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
-            0 \
-            -S "Async sign callback" \
-            -s "! mbedtls_ssl_handshake returned" \
-            -s "The own private key or pre-shared key is not set, but needed" \
-            -s "Async resume (slot [0-9]): decrypt done, status=0" \
-            -s "Successful connection"
-
-requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
-run_test    "SSL async private: decrypt callback not present" \
-            "$P_SRV debug_level=1 \
-             async_operations=s async_private_delay1=1 async_private_delay2=1" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
-             [ \$? -eq 1 ] && $P_CLI force_version=tls12" \
-            0 \
-            -S "Async decrypt callback" \
-            -s "! mbedtls_ssl_handshake returned" \
-            -s "got no RSA private key" \
-            -s "Async resume (slot [0-9]): sign done, status=0" \
-            -s "Successful connection"
-
 # key1: ECDSA, key2: RSA; use key1 from slot 0
 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
 run_test    "SSL async private: slot 0 used with key1" \
@@ -9673,7 +9584,7 @@
             "$P_SRV \
              async_operations=d async_private_delay1=1 async_private_delay2=1 \
              async_private_error=1" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             1 \
             -s "Async decrypt callback: injected error" \
             -S "Async resume" \
@@ -9685,7 +9596,7 @@
             "$P_SRV \
              async_operations=d async_private_delay1=1 async_private_delay2=1 \
              async_private_error=2" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             1 \
             -s "Async decrypt callback: using key slot " \
             -S "Async resume" \
@@ -9696,7 +9607,7 @@
             "$P_SRV \
              async_operations=d async_private_delay1=1 async_private_delay2=1 \
              async_private_error=3" \
-            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             1 \
             -s "Async decrypt callback: using key slot " \
             -s "Async resume callback: decrypt done but injected error" \
@@ -9797,7 +9708,7 @@
              async_operations=d async_private_delay1=1 async_private_delay2=1 \
              exchanges=2 renegotiation=1" \
             "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             0 \
             -s "Async decrypt callback: using key slot " \
             -s "Async resume (slot [0-9]): decrypt done, status=0"
@@ -9809,7 +9720,7 @@
              async_operations=d async_private_delay1=1 async_private_delay2=1 \
              exchanges=2 renegotiation=1 renegotiate=1" \
             "$P_CLI exchanges=2 renegotiation=1 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             0 \
             -s "Async decrypt callback: using key slot " \
             -s "Async resume (slot [0-9]): decrypt done, status=0"
@@ -9817,10 +9728,10 @@
 # Tests for ECC extensions (rfc 4492)
 
 requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
 run_test    "Force a non ECC ciphersuite in the client side" \
-            "$P_SRV debug_level=3" \
-            "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
+            "$P_SRV debug_level=3 psk=73776f726466697368" \
+            "$P_CLI debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \
             0 \
             -C "client hello, adding supported_groups extension" \
             -C "client hello, adding supported_point_formats extension" \
@@ -9828,10 +9739,10 @@
             -S "found supported point formats extension"
 
 requires_hash_alg SHA_256
-requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
 run_test    "Force a non ECC ciphersuite in the server side" \
-            "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
-            "$P_CLI debug_level=3" \
+            "$P_SRV debug_level=3 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA256" \
+            "$P_CLI debug_level=3 psk=73776f726466697368" \
             0 \
             -C "found supported_point_formats extension" \
             -S "server hello, supported_point_formats extension"
@@ -11792,11 +11703,11 @@
             -c "HTTP/1.0 200 OK"
 
 client_needs_more_time 2
-run_test    "DTLS proxy: 3d, \"short\" RSA handshake" \
+run_test    "DTLS proxy: 3d, \"short\" ECDHE-RSA handshake" \
             -p "$P_PXY drop=5 delay=5 duplicate=5" \
             "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
             "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
-             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
+             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA" \
             0 \
             -s "Extra-header:" \
             -c "HTTP/1.0 200 OK"
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index cd0c303..1d07c42 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -368,9 +368,9 @@
 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0
 
-Handshake, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0
+Handshake, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM":MBEDTLS_PK_ECDSA:0
 
 Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
@@ -396,9 +396,9 @@
 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
 handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1
 
-DTLS Handshake, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1
+DTLS Handshake, ECDHE-ECDSA-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-128-CCM":MBEDTLS_PK_ECDSA:1
 
 DTLS Handshake, ECDHE-RSA-WITH-AES-256-CBC-SHA384
 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_RSA_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
@@ -435,22 +435,6 @@
 depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_PKCS1_V21:MBEDTLS_X509_RSASSA_PSS_SUPPORT
 handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3
 
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
-Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage
-depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
-handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0
-
 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque
 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_RSA_C:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
 handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
@@ -712,53 +696,53 @@
 depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384"
 
-DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=512, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=1024, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=2048, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS no legacy renegotiation with MFL=4096, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=512, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=1024, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=2048, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy allow renegotiation with MFL=4096, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=512, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+DTLS legacy break handshake renegotiation with MFL=1024, PSK-WITH-AES-128-CCM
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM
+DTLS legacy break handshake renegotiation with MFL=2048, PSK-WITH-AES-128-CCM
 depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM"
 
-DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM
+DTLS legacy break handshake renegotiation with MFL=4096, PSK-WITH-AES-128-CCM
 depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM"
+resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-PSK-WITH-AES-128-CCM"
 
 DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-CBC-SHA384
 depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_ALG_SHA_384:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH