diff --git a/ChangeLog b/ChangeLog
index 5beeb3532..8fb91cdf9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,7 @@ Changes
      that prevented bignum.c from compiling. (Reported by Rafael Baptista.)
    * Revamped the compat.sh interoperatibility script to include support for
      testing against GnuTLS
+   * Deprecated ssl_set_own_cert_rsa() and ssl_set_own_cert_rsa_alt()
 
 Security
    * Forbid change of server certificate during renegotiation to prevent
@@ -29,12 +30,12 @@ Security
      attack was already impossible when authentication is required).
    * Check notBefore timestamp of certificates and CRLs from the future.
    * Forbid sequence number wrapping
-   * Fix possible buffer overflow with overlong PSK
+   * Fixed possible buffer overflow with overlong PSK
 
 Bugfix
    * ecp_gen_keypair() does more tries to prevent failure because of
      statistics
-   * Fix bug in RSA PKCS#1 v1.5 "reversed" operations
+   * Fixed bug in RSA PKCS#1 v1.5 "reversed" operations
    * Fixed testing with out-of-source builds using cmake
    * Fixed version-major intolerance in server
    * Fixed CMake symlinking on out-of-source builds
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 2e33ffd5a..c1aff67b5 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -1059,6 +1059,9 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert,
  *                 up your certificate chain. The top certificate (self-signed)
  *                 can be omitted.
  *
+ * \warning        This backwards-compatibility function is deprecated!
+ *                 Please use \c ssl_set_own_cert() instead.
+ *
  * \param ssl      SSL context
  * \param own_cert own public certificate chain
  * \param rsa_key  own private RSA key
@@ -1081,6 +1084,10 @@ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert,
  *                 up your certificate chain. The top certificate (self-signed)
  *                 can be omitted.
  *
+ * \warning        This backwards-compatibility function is deprecated!
+ *                 Please use \c pk_init_ctx_rsa_alt()
+ *                 and \c ssl_set_own_cert() instead.
+ *
  * \param ssl      SSL context
  * \param own_cert own public certificate chain
  * \param rsa_key  alternate implementation private RSA key