--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -271,6 +271,7 @@
     char *errstr = NULL;
     int ret;
     int verification_mode;
+    struct stat stat_buf;
 
     self = PyObject_New(PySSLObject, &PySSL_Type); /* Create new object */
     if (self == NULL)
@@ -331,11 +332,23 @@
                             "verification of other-side certificates.");
             goto fail;
         } else {
-            PySSL_BEGIN_ALLOW_THREADS
-            ret = SSL_CTX_load_verify_locations(self->ctx,
-                                                cacerts_file,
-                                                NULL);
-            PySSL_END_ALLOW_THREADS
+            /* If cacerts_file is a directory-based cert store, pass it as the
+               third parameter, CApath, instead
+            */
+            if (stat(cacerts_file, &stat_buf) == 0 && S_ISDIR(stat_buf.st_mode)) {
+                PySSL_BEGIN_ALLOW_THREADS
+                ret = SSL_CTX_load_verify_locations(self->ctx,
+                                                    NULL,
+                                                    cacerts_file);
+                PySSL_END_ALLOW_THREADS
+            } else {
+                PySSL_BEGIN_ALLOW_THREADS
+                ret = SSL_CTX_load_verify_locations(self->ctx,
+                                                    cacerts_file,
+                                                    NULL);
+                PySSL_END_ALLOW_THREADS
+            }
+
             if (ret != 1) {
                 _setSSLError(NULL, 0, __FILE__, __LINE__);
                 goto fail;