diff --git a/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Ssl.cs b/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Ssl.cs
index 9abf075d60c967..d24a7314592000 100644
--- a/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Ssl.cs
+++ b/src/libraries/Common/src/Interop/OSX/System.Security.Cryptography.Native.Apple/Interop.Ssl.cs
@@ -16,8 +16,6 @@ internal static partial class Interop
 {
     internal static partial class AppleCrypto
     {
-        private static readonly IdnMapping s_idnMapping = new IdnMapping();
-
         // Read data from connection (or an instance delegate captured context) and write it to data
         // dataLength comes in as the capacity of data, goes out as bytes written.
         // Note: the true type of dataLength is `size_t*`, but on macOS that's most equal to `void**`
@@ -152,13 +150,6 @@ internal static unsafe partial int SslSetIoCallbacks(
         [LibraryImport(Interop.Libraries.AppleCryptoNative, EntryPoint = "AppleCryptoNative_SslRead")]
         internal static unsafe partial PAL_TlsIo SslRead(SafeSslHandle sslHandle, byte* writeFrom, int count, out int bytesWritten);
 
-        [LibraryImport(Interop.Libraries.AppleCryptoNative)]
-        private static partial int AppleCryptoNative_SslIsHostnameMatch(
-            SafeSslHandle handle,
-            SafeCreateHandle cfHostname,
-            SafeCFDateHandle cfValidTime,
-            out int pOSStatus);
-
         [LibraryImport(Interop.Libraries.AppleCryptoNative, EntryPoint = "AppleCryptoNative_SslShutdown")]
         internal static partial int SslShutdown(SafeSslHandle sslHandle);
 
@@ -462,40 +453,6 @@ internal static unsafe int SslCtxSetAlpnProtocol(SafeSslHandle ctx, SslApplicati
                 protocol.Dispose();
             }
         }
-
-        public static bool SslCheckHostnameMatch(SafeSslHandle handle, string hostName, DateTime notBefore, out int osStatus)
-        {
-            int result;
-            // The IdnMapping converts Unicode input into the IDNA punycode sequence.
-            // It also does host case normalization.  The bypass logic would be something
-            // like "all characters being within [a-z0-9.-]+"
-            //
-            // The SSL Policy (SecPolicyCreateSSL) has been verified as not inherently supporting
-            // IDNA as of macOS 10.12.1 (Sierra).  If it supports low-level IDNA at a later date,
-            // this code could be removed.
-            //
-            // It was verified as supporting case invariant match as of 10.12.1 (Sierra).
-            string matchName = string.IsNullOrEmpty(hostName) ? string.Empty : s_idnMapping.GetAscii(hostName);
-
-            using (SafeCFDateHandle cfNotBefore = CoreFoundation.CFDateCreate(notBefore))
-            using (SafeCreateHandle cfHostname = CoreFoundation.CFStringCreateWithCString(matchName))
-            {
-                result = AppleCryptoNative_SslIsHostnameMatch(handle, cfHostname, cfNotBefore, out osStatus);
-            }
-
-            switch (result)
-            {
-                case 0:
-                    return false;
-                case 1:
-                    return true;
-                default:
-                    if (NetEventSource.Log.IsEnabled())
-                        NetEventSource.Error(null, $"AppleCryptoNative_SslIsHostnameMatch returned '{result}' for '{hostName}'");
-                    Debug.Fail($"AppleCryptoNative_SslIsHostnameMatch returned {result}");
-                    throw new SslException();
-            }
-        }
     }
 }
 
diff --git a/src/libraries/System.Net.Security/src/System.Net.Security.csproj b/src/libraries/System.Net.Security/src/System.Net.Security.csproj
index 032dc286c46da8..c82d7803598c49 100644
--- a/src/libraries/System.Net.Security/src/System.Net.Security.csproj
+++ b/src/libraries/System.Net.Security/src/System.Net.Security.csproj
@@ -442,6 +442,8 @@
              Link="Common\Interop\OSX\System.Security.Cryptography.Native.Apple\Interop.X509Chain.cs" />
     
+    
     
     
     
diff --git a/src/libraries/System.Net.Security/src/System/Net/CertificateValidationPal.OSX.cs b/src/libraries/System.Net.Security/src/System/Net/CertificateValidationPal.OSX.cs
index 3bd0c7142c3fc6..48ece23743274d 100644
--- a/src/libraries/System.Net.Security/src/System/Net/CertificateValidationPal.OSX.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/CertificateValidationPal.OSX.cs
@@ -10,41 +10,14 @@ namespace System.Net
     internal static partial class CertificateValidationPal
     {
         internal static SslPolicyErrors VerifyCertificateProperties(
-            SafeDeleteContext securityContext,
+            SafeDeleteContext? _ /*securityContext*/,
             X509Chain chain,
-            X509Certificate2? remoteCertificate,
+            X509Certificate2 remoteCertificate,
             bool checkCertName,
             bool isServer,
             string? hostName)
         {
-            SslPolicyErrors errors = SslPolicyErrors.None;
-
-            if (remoteCertificate == null)
-            {
-                errors |= SslPolicyErrors.RemoteCertificateNotAvailable;
-            }
-            else
-            {
-                if (!chain.Build(remoteCertificate))
-                {
-                    errors |= SslPolicyErrors.RemoteCertificateChainErrors;
-                }
-
-                if (!isServer && checkCertName)
-                {
-                    SafeDeleteSslContext sslContext = (SafeDeleteSslContext)securityContext;
-
-                    if (!Interop.AppleCrypto.SslCheckHostnameMatch(sslContext.SslContext, hostName!, remoteCertificate.NotBefore, out int osStatus))
-                    {
-                        errors |= SslPolicyErrors.RemoteCertificateNameMismatch;
-
-                        if (NetEventSource.Log.IsEnabled())
-                            NetEventSource.Error(sslContext, $"Cert name validation for '{hostName}' failed with status '{osStatus}'");
-                    }
-                }
-            }
-
-            return errors;
+            return CertificateValidation.BuildChainAndVerifyProperties(chain, remoteCertificate, checkCertName, isServer, hostName, Span.Empty);
         }
 
         private static X509Certificate2? GetRemoteCertificate(
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs
index a510fedaf47fd6..7bbd1359d04b55 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/SslStreamSniTest.cs
@@ -378,7 +378,7 @@ public static IEnumerable