diff --git a/CHANGES b/CHANGES
index c87a7d437cfca714467d8853e5b5f14939924d8f..b16e1d7d8976a44b5bb48a0ebc1c77640b5099fc 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,17 @@
 
  Changes between 0.9.5 and 0.9.5a  [XX XXX 2000]
 
+  *) For easily testing in shell scripts whether some command exists,
+     'openssl no-XXX' returns with exit code 0 iff the command XXX is
+     available.  'no-XXX' is printed in this case, 'XXX' otherwise
+     (i.e. when a command of this name exists).  In both cases,
+     the output goes to stdout and nothing is printed to stderr.
+     Additional arguments are always ignored.
+
+     Since for each cipher there is a command of the same name,
+     the 'no-cipher' compilation switches can be tested this way.
+     [Bodo Moeller]
+
   *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
      [Bodo Moeller]
 
diff --git a/apps/openssl.c b/apps/openssl.c
index 2e1b606a52923c7f3ca0fca82741eb08606d5550..9ddd5364540f534bb694f382f14f6b46d1ac1b20 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -233,6 +233,18 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		{
 		ret=fp->func(argc,argv);
 		}
+	else if ((strncmp(argv[0],"no-",3)) == 0)
+		{
+		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
+		f.name=argv[0]+3;
+		ret = (lh_retrieve(prog,&f) != NULL);
+		if (!ret)
+			BIO_printf(bio_stdout, "%s\n", argv[0]);
+		else
+			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
+		BIO_free(bio_stdout);
+		goto end;
+		}
 	else if ((strcmp(argv[0],"quit") == 0) ||
 		(strcmp(argv[0],"q") == 0) ||
 		(strcmp(argv[0],"exit") == 0) ||
diff --git a/test/Makefile.ssl b/test/Makefile.ssl
index 8cd3be0eaa2d23daff9d56cb90592e3b7f4fd21b..5f3636401799e9db280244c68dc4dae1ad974353 100644
--- a/test/Makefile.ssl
+++ b/test/Makefile.ssl
@@ -215,11 +215,11 @@ test_ssl: keyU.ss certU.ss certCA.ss
 	@sh ./testssl keyU.ss certU.ss certCA.ss
 
 test_ca:
-	@if ../apps/openssl list-standard-commands | grep '^rsa$$' >/dev/null; then \
+	@if ../apps/openssl no-rsa; then \
+	  echo "skipping CA.sh test -- requires RSA"; \
+	else \
 	  echo "Generate and certify a test certificate via the 'ca' program"; \
 	  sh ./testca; \
-	else \
-	  echo "skipping CA.sh test -- requires RSA"; \
  	fi
 
 lint:
diff --git a/test/testgen b/test/testgen
index f2db42cb247c84f89aee7c4503ea610e5920644b..6a4b6b922128ea8334415bd87b8582701bd4b78a 100644
--- a/test/testgen
+++ b/test/testgen
@@ -13,12 +13,12 @@ echo "generating certificate request"
 
 echo "string to make the random number generator think it has entropy" >> ./.rnd
 
-if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then
+if ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
   req_new='-new'
   echo "There should be a 2 sequences of .'s and some +'s."
   echo "There should not be more that at most 80 per line"
-else
-  req_new='-newkey dsa:../apps/dsa512.pem'
 fi
 
 echo "This could take some time."
diff --git a/test/testss b/test/testss
index bcc4f5295e7bc1dc1911b2f605b813b98eea209f..2f600f04d8ea512ff1af651ce80b185b1e5a75fa 100644
--- a/test/testss
+++ b/test/testss
@@ -20,10 +20,10 @@ Ucert="certU.ss"
 echo
 echo "make a certificate request using 'req'"
 
-if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then
-  req_new='-new'
-else
+if ../apps/openssl no-rsa; then
   req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
 fi
 
 $reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
diff --git a/test/testssl b/test/testssl
index 873df83128e9effd62074294ae292c13b570423e..2151a6438cdab64341bb30711efe7b2c79df98ae 100644
--- a/test/testssl
+++ b/test/testssl
@@ -115,7 +115,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA || exit 1
 echo test tls1 with 1024bit anonymous DH, multiple handshakes
 $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time || exit 1
 
-if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then
+if ../apps/openssl no-rsa; then
+  echo skipping RSA tests
+else
   echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
   ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time || exit 1
 
diff --git a/test/trsa b/test/trsa
index a7a624978f329225a346185611581a4891777d00..bd6c07650a5b69efbedc1b36fb8946d221bd265d 100644
--- a/test/trsa
+++ b/test/trsa
@@ -3,10 +3,8 @@
 PATH=../apps:$PATH
 export PATH
 
-if ../apps/openssl list-standard-commands | grep '^rsa$' >/dev/null; then
-  echo openssl rsa command available
-else
-  echo openssl rsa command not available, skipping test
+if ../apps/openssl no-rsa; then
+  echo skipping rsa conversion test
   exit 0
 fi