diff --git a/mozilla/security/nss/lib/ssl/authcert.c b/mozilla/security/nss/lib/ssl/authcert.c
index 9a23ce21813..23982412e60 100644
--- a/mozilla/security/nss/lib/ssl/authcert.c
+++ b/mozilla/security/nss/lib/ssl/authcert.c
@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: authcert.c,v 1.2 2001-12-07 01:36:21 relyea%netscape.com Exp $
+ * $Id: authcert.c,v 1.3 2003-04-09 22:23:10 jpierre%netscape.com Exp $
  */
 
 #include <stdio.h>
@@ -68,7 +68,9 @@ NSS_GetClientAuthData(void *                       arg,
   proto_win = SSL_RevealPinArg(socket);
   
   if (chosenNickName) {
-    cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
+    cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
+                                    chosenNickName, certUsageSSLClient,
+                                    PR_FALSE, proto_win);	
     if ( cert ) {
       privkey = PK11_FindKeyByAnyCert(cert, proto_win);
       if ( privkey ) {
@@ -85,7 +87,9 @@ NSS_GetClientAuthData(void *                       arg,
 				  SEC_CERT_NICKNAMES_USER, proto_win);
     if (names != NULL) {
       for (i = 0; i < names->numnicknames; i++) {
-	cert = PK11_FindCertFromNickname(names->nicknames[i],proto_win);
+	cert = CERT_FindUserCertByUsage(CERT_GetDefaultCertDB(),
+                            names->nicknames[i], certUsageSSLClient,
+                            PR_FALSE, proto_win);	
 	if ( !cert )
 	  continue;
 	/* Only check unexpired certs */