diff --git a/src/crypto/x509/internal/macos/security.go b/src/crypto/x509/internal/macos/security.go
index 497ba6e824..f9f37b1666 100644
--- a/src/crypto/x509/internal/macos/security.go
+++ b/src/crypto/x509/internal/macos/security.go
@@ -122,25 +122,6 @@ func SecTrustEvaluateWithError(trustObj CFRef) (int, error) {
 }
 func x509_SecTrustEvaluateWithError_trampoline()
 
-//go:cgo_import_dynamic x509_SecTrustGetCertificateCount SecTrustGetCertificateCount "/System/Library/Frameworks/Security.framework/Versions/A/Security"
-
-func SecTrustGetCertificateCount(trustObj CFRef) int {
-	ret := syscall(abi.FuncPCABI0(x509_SecTrustGetCertificateCount_trampoline), uintptr(trustObj), 0, 0, 0, 0, 0)
-	return int(ret)
-}
-func x509_SecTrustGetCertificateCount_trampoline()
-
-//go:cgo_import_dynamic x509_SecTrustGetCertificateAtIndex SecTrustGetCertificateAtIndex "/System/Library/Frameworks/Security.framework/Versions/A/Security"
-
-func SecTrustGetCertificateAtIndex(trustObj CFRef, i int) (CFRef, error) {
-	ret := syscall(abi.FuncPCABI0(x509_SecTrustGetCertificateAtIndex_trampoline), uintptr(trustObj), uintptr(i), 0, 0, 0, 0)
-	if ret == 0 {
-		return 0, OSStatus{"SecTrustGetCertificateAtIndex", int32(ret)}
-	}
-	return CFRef(ret), nil
-}
-func x509_SecTrustGetCertificateAtIndex_trampoline()
-
 //go:cgo_import_dynamic x509_SecCertificateCopyData SecCertificateCopyData "/System/Library/Frameworks/Security.framework/Versions/A/Security"
 
 func SecCertificateCopyData(cert CFRef) ([]byte, error) {
@@ -153,3 +134,14 @@ func SecCertificateCopyData(cert CFRef) ([]byte, error) {
 	return b, nil
 }
 func x509_SecCertificateCopyData_trampoline()
+
+//go:cgo_import_dynamic x509_SecTrustCopyCertificateChain SecTrustCopyCertificateChain "/System/Library/Frameworks/Security.framework/Versions/A/Security"
+
+func SecTrustCopyCertificateChain(trustObj CFRef) (CFRef, error) {
+	ret := syscall(abi.FuncPCABI0(x509_SecTrustCopyCertificateChain_trampoline), uintptr(trustObj), 0, 0, 0, 0, 0)
+	if ret == 0 {
+		return 0, OSStatus{"SecTrustCopyCertificateChain", int32(ret)}
+	}
+	return CFRef(ret), nil
+}
+func x509_SecTrustCopyCertificateChain_trampoline()
diff --git a/src/crypto/x509/internal/macos/security.s b/src/crypto/x509/internal/macos/security.s
index dc630eccb7..ca5337c788 100644
--- a/src/crypto/x509/internal/macos/security.s
+++ b/src/crypto/x509/internal/macos/security.s
@@ -21,9 +21,7 @@ TEXT ·x509_SecTrustEvaluate_trampoline(SB),NOSPLIT,$0-0
 	JMP x509_SecTrustEvaluate(SB)
 TEXT ·x509_SecTrustEvaluateWithError_trampoline(SB),NOSPLIT,$0-0
 	JMP x509_SecTrustEvaluateWithError(SB)
-TEXT ·x509_SecTrustGetCertificateCount_trampoline(SB),NOSPLIT,$0-0
-	JMP x509_SecTrustGetCertificateCount(SB)
-TEXT ·x509_SecTrustGetCertificateAtIndex_trampoline(SB),NOSPLIT,$0-0
-	JMP x509_SecTrustGetCertificateAtIndex(SB)
 TEXT ·x509_SecCertificateCopyData_trampoline(SB),NOSPLIT,$0-0
 	JMP x509_SecCertificateCopyData(SB)
+TEXT ·x509_SecTrustCopyCertificateChain_trampoline(SB),NOSPLIT,$0-0
+	JMP x509_SecTrustCopyCertificateChain(SB)
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go
index 469e907a8e..b5d7b6350b 100644
--- a/src/crypto/x509/root_darwin.go
+++ b/src/crypto/x509/root_darwin.go
@@ -73,12 +73,13 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
 	}
 
 	chain := [][]*Certificate{{}}
-	numCerts := macOS.SecTrustGetCertificateCount(trustObj)
-	for i := 0; i < numCerts; i++ {
-		certRef, err := macOS.SecTrustGetCertificateAtIndex(trustObj, i)
-		if err != nil {
-			return nil, err
-		}
+	chainRef, err := macOS.SecTrustCopyCertificateChain(trustObj)
+	if err != nil {
+		return nil, err
+	}
+	defer macOS.CFRelease(chainRef)
+	for i := 0; i < macOS.CFArrayGetCount(chainRef); i++ {
+		certRef := macOS.CFArrayGetValueAtIndex(chainRef, i)
 		cert, err := exportCertificate(certRef)
 		if err != nil {
 			return nil, err