diff --git a/src/test/ssl/ServerSetup.pm b/src/test/ssl/ServerSetup.pm
index 4ce4a69e741b0275750f8df054f3cafda7ca9402..bbff99a3bdb8cd913a2334270cef2da8e1880a7a 100644
--- a/src/test/ssl/ServerSetup.pm
+++ b/src/test/ssl/ServerSetup.pm
@@ -43,6 +43,20 @@ sub copy_files
 	}
 }
 
+# Perform chmod on a set of files, taking into account wildcards
+sub chmod_files
+{
+	my $mode = shift;
+	my $file_expr = shift;
+
+	my @all_files = glob $file_expr;
+	foreach my $file_entry (@all_files)
+	{
+		chmod $mode, $file_entry
+		  or die "Could not run chmod with mode $mode on $file_entry";
+	}
+}
+
 sub configure_test_server_for_ssl
 {
 	my $tempdir = $_[0];
@@ -68,7 +82,7 @@ sub configure_test_server_for_ssl
 # Copy all server certificates and keys, and client root cert, to the data dir
 	copy_files("ssl/server-*.crt", "$tempdir/pgdata");
 	copy_files("ssl/server-*.key", "$tempdir/pgdata");
-	system_or_bail "chmod 0600 '$tempdir'/pgdata/server-*.key";
+	chmod_files(0600, "$tempdir/pgdata/server-*.key");
 	copy_files("ssl/root+client_ca.crt", "$tempdir/pgdata");
 	copy_files("ssl/root+client.crl",    "$tempdir/pgdata");
 
diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl
index 926b529198d6b2f073f9764d5a055b8030dc2644..5d24d8de520232167bbb98309b3a1e553682d845 100644
--- a/src/test/ssl/t/001_ssltests.pl
+++ b/src/test/ssl/t/001_ssltests.pl
@@ -78,7 +78,7 @@ sub test_connect_fails
 # The client's private key must not be world-readable. Git doesn't track
 # permissions (except for the executable bit), so they might be wrong after
 # a checkout.
-system_or_bail "chmod 0600 ssl/client.key";
+chmod 0600, "ssl/client.key";
 
 #### Part 0. Set up the server.