diff --git a/doc/changelog.rst b/doc/changelog.rst
index dc9dd31a18..ca08190d79 100644
--- a/doc/changelog.rst
+++ b/doc/changelog.rst
@@ -8,6 +8,7 @@ Version 4.13.2 is a bug fix release.
 
 - Fixed a bug where ``AsyncMongoClient`` would block the event loop while creating new connections,
   potentially significantly increasing latency for ongoing operations.
+- Fixed a bug that resulted in confusing error messages after hostname verification errors when using PyOpenSSL.
 
 Issues Resolved
 ...............
diff --git a/pymongo/pyopenssl_context.py b/pymongo/pyopenssl_context.py
index 0d4f27cf55..08fe99c889 100644
--- a/pymongo/pyopenssl_context.py
+++ b/pymongo/pyopenssl_context.py
@@ -420,9 +420,9 @@ def wrap_socket(
                         pyopenssl.verify_ip_address(ssl_conn, server_hostname)
                     else:
                         pyopenssl.verify_hostname(ssl_conn, server_hostname)
-                except (  # type:ignore[misc]
-                    service_identity.SICertificateError,
-                    service_identity.SIVerificationError,
+                except (
+                    service_identity.CertificateError,
+                    service_identity.VerificationError,
                 ) as exc:
                     raise _CertificateError(str(exc)) from None
         return ssl_conn
diff --git a/test/asynchronous/test_ssl.py b/test/asynchronous/test_ssl.py
index 023ee91680..a05bc9379d 100644
--- a/test/asynchronous/test_ssl.py
+++ b/test/asynchronous/test_ssl.py
@@ -323,7 +323,7 @@ async def test_cert_ssl_validation_hostname_matching(self):
 
         response = await self.client.admin.command(HelloCompat.LEGACY_CMD)
 
-        with self.assertRaises(ConnectionFailure):
+        with self.assertRaises(ConnectionFailure) as cm:
             await connected(
                 self.simple_client(
                     "server",
@@ -335,6 +335,8 @@ async def test_cert_ssl_validation_hostname_matching(self):
                     **self.credentials,  # type: ignore[arg-type]
                 )
             )
+        # PYTHON-5414 Check for "module service_identity has no attribute SICertificateError"
+        self.assertNotIn("has no attribute", str(cm.exception))
 
         await connected(
             self.simple_client(
diff --git a/test/test_ssl.py b/test/test_ssl.py
index 93a4b4e6ec..3ac0a4555a 100644
--- a/test/test_ssl.py
+++ b/test/test_ssl.py
@@ -323,7 +323,7 @@ def test_cert_ssl_validation_hostname_matching(self):
 
         response = self.client.admin.command(HelloCompat.LEGACY_CMD)
 
-        with self.assertRaises(ConnectionFailure):
+        with self.assertRaises(ConnectionFailure) as cm:
             connected(
                 self.simple_client(
                     "server",
@@ -335,6 +335,8 @@ def test_cert_ssl_validation_hostname_matching(self):
                     **self.credentials,  # type: ignore[arg-type]
                 )
             )
+        # PYTHON-5414 Check for "module service_identity has no attribute SICertificateError"
+        self.assertNotIn("has no attribute", str(cm.exception))
 
         connected(
             self.simple_client(