diff --git a/test/certs/ee-cert-ec-sha3-224.pem b/test/certs/ee-cert-ec-sha3-224.pem
new file mode 100644
index 0000000000..047517d025
--- /dev/null
+++ b/test/certs/ee-cert-ec-sha3-224.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBezCCASCgAwIBAgIBAjALBglghkgBZQMEAwkwDTELMAkGA1UEAwwCQ0EwIBcN
+MjMwOTI4MDk1NjI1WhgPMjEyMzA5MjkwOTU2MjVaMBkxFzAVBgNVBAMMDnNlcnZl
+ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365
+y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG
+d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY
+MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI
+KwYBBQUHAwEwCwYJYIZIAWUDBAMJA0gAMEUCIG/6DFqC+WzrYaZzZ4RbsZNNtb1Z
+MwN3GXj+S8LM4c83AiEA3V5/mXHWaDi2JfjycScqnDC++awvc26rMa9vk9ZwVYM=
+-----END CERTIFICATE-----
diff --git a/test/certs/ee-cert-ec-sha3-256.pem b/test/certs/ee-cert-ec-sha3-256.pem
new file mode 100644
index 0000000000..2112ba15ce
--- /dev/null
+++ b/test/certs/ee-cert-ec-sha3-256.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBejCCASCgAwIBAgIBAjALBglghkgBZQMEAwowDTELMAkGA1UEAwwCQ0EwIBcN
+MjMwOTI4MDk1NjI1WhgPMjEyMzA5MjkwOTU2MjVaMBkxFzAVBgNVBAMMDnNlcnZl
+ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365
+y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG
+d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY
+MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI
+KwYBBQUHAwEwCwYJYIZIAWUDBAMKA0cAMEQCIFToMNgLf3+sW1oHDhDrCQWpIzLE
+PgAdgDdtbBO7OerTAiB3vkCvu/Vs8v/6Ys/OQOsHbX0tT5NUMWZfP3X8CYUfmA==
+-----END CERTIFICATE-----
diff --git a/test/certs/ee-cert-ec-sha3-384.pem b/test/certs/ee-cert-ec-sha3-384.pem
new file mode 100644
index 0000000000..0397280f29
--- /dev/null
+++ b/test/certs/ee-cert-ec-sha3-384.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBezCCASCgAwIBAgIBAjALBglghkgBZQMEAwswDTELMAkGA1UEAwwCQ0EwIBcN
+MjMwOTI1MTU0NTIxWhgPMjEyMzA5MjYxNTQ1MjFaMBkxFzAVBgNVBAMMDnNlcnZl
+ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365
+y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG
+d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY
+MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI
+KwYBBQUHAwEwCwYJYIZIAWUDBAMLA0gAMEUCIGq8RYriO3scZLij8fglpZOZdZRZ
+DfzsopaAvzQrwcS9AiEA0JDYvat1hiygjXUxZmWPD2cDrxogvCSsoi3QW7YtP/o=
+-----END CERTIFICATE-----
diff --git a/test/certs/ee-cert-ec-sha3-512.pem b/test/certs/ee-cert-ec-sha3-512.pem
new file mode 100644
index 0000000000..f528f8fd95
--- /dev/null
+++ b/test/certs/ee-cert-ec-sha3-512.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBezCCASCgAwIBAgIBAjALBglghkgBZQMEAwwwDTELMAkGA1UEAwwCQ0EwIBcN
+MjMwOTI4MDk1NjQyWhgPMjEyMzA5MjkwOTU2NDJaMBkxFzAVBgNVBAMMDnNlcnZl
+ci5leGFtcGxlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtGFOe/kRUVsa/365
+y/rzmJGN4fa6Cp78QhtO8CubXrxGLUnSs9CrB7wwQ2rcNa9yTb/ptqeeP9wKhTwG
+d+W9D6NiMGAwHQYDVR0OBBYEFMqcqbma1JdARJm7oXyaaN0BTSL1MB8GA1UdIwQY
+MBaAFGOKBTlETPwvB/WIPqYAtWGwchqeMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYI
+KwYBBQUHAwEwCwYJYIZIAWUDBAMMA0gAMEUCIQCXnpYI3xKBcJkb5M/3vo4/xf2a
+Cdurg8zR8WyPRXdS8QIgT0DMnX5W3ZbVK4p2nd+uyZ/o29TKBLpEtsyuiiZCsS0=
+-----END CERTIFICATE-----
diff --git a/test/certs/setup.sh b/test/certs/setup.sh
index bd8d49337d..d517384301 100755
--- a/test/certs/setup.sh
+++ b/test/certs/setup.sh
@@ -471,3 +471,9 @@ OPENSSL_SIGALG=ED448 OPENSSL_KEYALG=ed448 ./mkcert.sh genee ed448 \ ./mkcert.sh geneeextra server.example ee-key ee-cert-policies ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1" # We can create a cert with a duplicate policy oid - but its actually invalid! ./mkcert.sh geneeextra server.example ee-key ee-cert-policies-bad ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1,1.3.6.1.4.1.16604.998855.1" + +# EC cert signed by curve ca with SHA3-224, SHA3-256, SHA3-384, SHA3-512 +OPENSSL_SIGALG="sha3-224" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-224 ca-key-ec-named ca-cert-ec-named +OPENSSL_SIGALG="sha3-256" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-256 ca-key-ec-named ca-cert-ec-named +OPENSSL_SIGALG="sha3-384" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-384 ca-key-ec-named ca-cert-ec-named +OPENSSL_SIGALG="sha3-512" ./mkcert.sh genee server.example ee-key-ec-named-named ee-cert-ec-sha3-512 ca-key-ec-named ca-cert-ec-named diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t index c69dcb2239..48af75ab2e 100644 --- a/test/recipes/25-test_verify.t +++ b/test/recipes/25-test_verify.t @@ -29,7 +29,7 @@ sub verify { run(app([@args])); } -plan tests => 185; +plan tests => 193; # Canonical success ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), @@ -339,7 +339,7 @@ ok(!verify("ee-cert-md5", "", ["root-cert"], ["ca-cert"]), # Explicit vs named curve tests SKIP: { - skip "EC is not supported by this OpenSSL build", 3 + skip "EC is not supported by this OpenSSL build", 7 if disabled("ec"); ok(!verify("ee-cert-ec-explicit", "", ["root-cert"], ["ca-cert-ec-named"]), 
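Review bot: The comment added in the setup.sh hunk, `# EC cert signed by curve ca with SHA3-224, SHA3-256, SHA3-384, SHA3-512`, does not mention that all four leaves are issued for the same key, `ee-key-ec-named-named`, which is presumably why the commit adds four certificates and no key file. I would say so and name the signature scheme, e.g. `# EC leaf certs reusing ee-key-ec-named-named, signed by the named-curve EC CA with ECDSA over SHA3-224/256/384/512`. How mkcert.sh turns OPENSSL_SIGALG into a digest option is not visible in this hunk, so the wording should be checked against that script.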
@@ -350,6 +350,14 @@ SKIP: { ok(verify("ee-cert-ec-named-named", "", ["root-cert"], ["ca-cert-ec-named"]), "accept named curve leaf with named curve intermediate"); + ok(verify("ee-cert-ec-sha3-224", "", ["root-cert"], ["ca-cert-ec-named"], ), + "accept cert generated with EC and SHA3-224"); + ok(verify("ee-cert-ec-sha3-256", "", ["root-cert"], ["ca-cert-ec-named"], ), + "accept cert generated with EC and SHA3-256"); + ok(verify("ee-cert-ec-sha3-384", "", ["root-cert"], ["ca-cert-ec-named"], ), + "accept cert generated with EC and SHA3-384"); + ok(verify("ee-cert-ec-sha3-512", "", ["root-cert"], ["ca-cert-ec-named"], ), + "accept cert generated with EC and SHA3-512"); } # Same as above but with base provider used for decoding SKIP: { @@ -358,7 +366,7 @@ SKIP: { my $provpath = bldtop_dir("providers"); my @prov = ("-provider-path", $provpath); - skip "EC is not supported or FIPS is disabled", 3 + skip "EC is not supported or FIPS is disabled", 7 if disabled("ec") || $no_fips; run(test(["fips_version_test", "-config", $provconf, ">3.0.0"]), @@ -377,6 +385,14 @@ SKIP: { ok(verify("ee-cert-ec-named-named", "", ["root-cert"], ["ca-cert-ec-named"], @prov), "accept named curve leaf with named curve intermediate w/fips"); + ok(verify("ee-cert-ec-sha3-224", "", ["root-cert"], ["ca-cert-ec-named"], @prov), + "accept cert generated with EC and SHA3-224 w/fips"); + ok(verify("ee-cert-ec-sha3-256", "", ["root-cert"], ["ca-cert-ec-named"], @prov), + "accept cert generated with EC and SHA3-256 w/fips"); + ok(verify("ee-cert-ec-sha3-384", "", ["root-cert"], ["ca-cert-ec-named"], @prov), + "accept cert generated with EC and SHA3-384 w/fips"); + ok(verify("ee-cert-ec-sha3-512", "", ["root-cert"], ["ca-cert-ec-named"], @prov), + "accept cert generated with EC and SHA3-512 w/fips"); delete $ENV{OPENSSL_CONF}; }
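Review bot: The four new non-FIPS calls in the `@@ -350,6 +350,14 @@` hunk close their argument list with a stray `, )`, which reads as if an argument was dropped; the neighbouring calls end with `["ca-cert-ec-named"]),`. I would write `ok(verify("ee-cert-ec-sha3-224", "", ["root-cert"], ["ca-cert-ec-named"]),` and the same for 256, 384 and 512. The descriptions could also state what is under test, e.g. `"accept EC leaf signed with ECDSA and SHA3-224"`, since "generated with" does not tell a reader that the certificate's signature algorithm is the thing being verified. The SKIP block opens outside this hunk.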
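Review bot: In the `@@ -358,7 +366,7 @@` hunk only the first `skip` of the FIPS block is raised to 7; the block then runs `fips_version_test`, and whatever acts on its result lies between this hunk and the next one and is not shown. If a second `skip` follows that call, its count should also become 7, otherwise a run against a too-old provider executes fewer tests than `plan tests => 193` expects and the recipe fails on the plan rather than on a verification result. A short comment beside the counts, such as `# must equal the number of ok() calls in this SKIP block`, would make the next addition less error-prone.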