diff --git a/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs b/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs
index 38c36ec904d419..99b9b3587532ef 100644
--- a/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs
+++ b/src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs
@@ -1112,6 +1112,7 @@ public static void BuildChainForFraudulentCertificate()
         }
 
         [Fact]
+        [SkipOnPlatform(TestPlatforms.Linux, "Not supported on Linux.")]
         public static void BuildChainForCertificateSignedWithDisallowedKey()
         {
             // The intermediate certificate is from the now defunct CA DigiNotar.
@@ -1177,12 +1178,11 @@ public static void BuildChainForCertificateSignedWithDisallowedKey()
                 chain.ChainPolicy.ExtraStore.Add(intermediateCert);
                 Assert.False(chain.Build(cert));
 
-                if (PlatformDetection.IsAndroid || PlatformDetection.IsApplePlatform26OrLater || PlatformDetection.IsLinux)
+                if (PlatformDetection.IsAndroid || PlatformDetection.IsApplePlatform26OrLater)
                 {
                     // Android always validates trust as part of building a path,
                     // so violations comes back as PartialChain with no elements
                     // Apple 26 no longer block these SKIs since the roots are no longer trusted at all and are expired.
-                    // Linux has no concept of a blocked key list, they just remove certificates from a trust store.
                     Assert.Equal(X509ChainStatusFlags.PartialChain, chain.AllStatusFlags());
                 }
                 else