Looking through all the tests I couldn't find a test whereby the server returns a valid certificate chain but during the handshake the server uses an incorrect private key, this seems like a pretty common case when a web master gets a new certificate issued based on a new keypair and installs the new cert chain but neglects to update the private key.
Looking through all the tests I couldn't find a test whereby the server returns a valid certificate chain but during the handshake the server uses an incorrect private key, this seems like a pretty common case when a web master gets a new certificate issued based on a new keypair and installs the new cert chain but neglects to update the private key.