diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 27ae1e5..05a7f0d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -66,6 +66,11 @@ jobs: env: RUST_BACKTRACE: 1 + - name: cargo test (debug; defaults+ring) + run: cargo test --no-default-features --features ring,native-tokio,http1,tls12,logging + env: + RUST_BACKTRACE: 1 + - name: cargo test (debug; all features) run: cargo test --all-features env: diff --git a/Cargo.toml b/Cargo.toml index f7e52a4..6508406 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "hyper-rustls" -version = "0.26.0" +version = "0.27.0" edition = "2021" rust-version = "1.64" license = "Apache-2.0 OR ISC OR MIT" @@ -17,10 +17,10 @@ hyper-util = { version = "0.1", default-features = false, features = ["client-le log = { version = "0.4.4", optional = true } pki-types = { package = "rustls-pki-types", version = "1" } rustls-native-certs = { version = "0.7", optional = true } -rustls-platform-verifier = { version = "0.2", optional = true } -rustls = { version = "0.22", default-features = false } +rustls-platform-verifier = { version = "0.3", optional = true } +rustls = { version = "0.23", default-features = false } tokio = "1.0" -tokio-rustls = { version = "0.25", default-features = false } +tokio-rustls = { version = "0.26", default-features = false } tower-service = "0.3" webpki-roots = { version = "0.26", optional = true } futures-util = { version = "0.3", default-features = false } 
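Review bot: The step name `defaults+ring` does not match the command: `--no-default-features --features ring,native-tokio,http1,tls12,logging` is the default set with `aws-lc-rs` swapped for `ring`, copied by hand from Cargo.toml. If `default` gains or loses a feature later, this leg silently stops testing what its name claims. I would rename the step to `cargo test (debug; defaults with ring instead of aws-lc-rs)` and add `# keep in sync with [features].default in Cargo.toml` above the `run:` line.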
@@ -28,12 +28,12 @@ futures-util = { version = "0.3", default-features = false } [dev-dependencies] http-body-util = "0.1" hyper-util = { version = "0.1", default-features = false, features = ["server-auto"] } -rustls = { version = "0.22", default-features = false, features = ["tls12"] } +rustls = { version = "0.23", default-features = false, features = ["tls12"] } rustls-pemfile = "2" tokio = { version = "1.0", features = ["io-std", "macros", "net", "rt-multi-thread"] } [features] -default = ["native-tokio", "http1", "tls12", "logging", "ring"] +default = ["native-tokio", "http1", "tls12", "logging", "aws-lc-rs"] aws-lc-rs = ["rustls/aws_lc_rs"] http1 = ["hyper-util/http1"] http2 = ["hyper-util/http2"] @@ -51,7 +51,7 @@ required-features = ["native-tokio", "http1"] [[example]] name = "server" path = "examples/server.rs" -required-features = ["ring"] +required-features = ["aws-lc-rs"] [package.metadata.docs.rs] all-features = true diff --git a/examples/client.rs b/examples/client.rs index 36d5c6f..c45bc2a 100644 --- a/examples/client.rs +++ b/examples/client.rs @@ -26,6 +26,12 @@ fn error(err: String) -> io::Error { #[tokio::main] async fn run_client() -> io::Result<()> { + // Set a process wide default crypto provider. + #[cfg(feature = "ring")] + let _ = rustls::crypto::ring::default_provider().install_default(); + #[cfg(feature = "aws-lc-rs")] + let _ = rustls::crypto::aws_lc_rs::default_provider().install_default(); + // First parameter is target URL (mandatory). let url = match env::args().nth(1) { Some(ref url) => Uri::from_str(url).map_err(|e| error(format!("{}", e)))?, diff --git a/examples/server.rs b/examples/server.rs index ffdb38f..8f7803f 100644 --- a/examples/server.rs +++ b/examples/server.rs @@ -7,7 +7,6 @@ use std::net::{Ipv4Addr, SocketAddr}; use std::sync::Arc; -use std::vec::Vec; use std::{env, fs, io}; use http::{Method, Request, Response, StatusCode}; 
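Review bot: Switching `default` to `aws-lc-rs` means a consumer that asks for `features = ["ring"]` without `default-features = false` now compiles both providers. As far as I know, rustls 0.23 only picks a provider from crate features when exactly one is enabled, so in that configuration the `ClientConfig::builder()` calls behind `with_webpki_roots()` and its siblings rely on the application having installed a process default. A comment above the line would make this visible to anyone editing features, e.g. `# enabling "ring" alongside the default "aws-lc-rs" requires the application to install a CryptoProvider itself`. The release notes for 0.27.0 should also state the change of default.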
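Review bot: `required-features = ["aws-lc-rs"]` makes the `#[cfg(feature = "ring")]` arm that this commit adds to examples/server.rs reachable only when both providers are enabled, and the new ring-only CI leg will skip the example altogether. If the example uses nothing specific to aws-lc-rs (not visible from this hunk), the restriction exists only because Cargo cannot express "ring or aws-lc-rs" in `required-features`. A comment such as `# required-features cannot express "ring OR aws-lc-rs"; the example is skipped in ring-only builds` would record that.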
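Review bot: Both `install_default()` results are discarded with `let _ =`, so the provider the example runs on depends on statement order: with `ring` and `aws-lc-rs` both enabled, ring is installed first and the aws-lc-rs call fails unnoticed, although aws-lc-rs is now the crate default. The client example's `required-features` (`native-tokio`, `http1`) also permit a build with neither provider, in which case nothing is installed here. Making the arms exclusive, `#[cfg(all(feature = "ring", not(feature = "aws-lc-rs")))]` on the ring arm, keeps the choice deterministic, and a comment like `// Err only means a provider was already installed` explains the ignored result. The same pattern is repeated in examples/server.rs and in `ensure_global_state()` in src/connector/builder.rs; `run_client` itself continues past the end of this hunk.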
@@ -35,6 +34,12 @@ fn error(err: String) -> io::Error { #[tokio::main] async fn run_server() -> Result<(), Box> { + // Set a process wide default crypto provider. + #[cfg(feature = "ring")] + let _ = rustls::crypto::ring::default_provider().install_default(); + #[cfg(feature = "aws-lc-rs")] + let _ = rustls::crypto::aws_lc_rs::default_provider().install_default(); + // First parameter is port number (optional, defaults to 1337) let port = match env::args().nth(1) { Some(ref p) => p.parse()?, diff --git a/src/connector/builder.rs b/src/connector/builder.rs index 3e1abda..b628b1a 100644 --- a/src/connector/builder.rs +++ b/src/connector/builder.rs @@ -17,12 +17,15 @@ use crate::config::ConfigBuilderExt; /// ``` /// use hyper_rustls::HttpsConnectorBuilder; /// -/// # #[cfg(all(feature = "webpki-roots", feature = "http1"))] -/// let https = HttpsConnectorBuilder::new() +/// # #[cfg(all(feature = "webpki-roots", feature = "http1", feature="aws-lc-rs"))] +/// # { +/// # let _ = rustls::crypto::aws_lc_rs::default_provider().install_default(); +/// let https = HttpsConnectorBuilder::new() /// .with_webpki_roots() /// .https_only() /// .enable_http1() /// .build(); +/// # } /// ``` pub struct ConnectorBuilder(State); @@ -54,7 +57,10 @@ impl ConnectorBuilder { /// Use rustls' default crypto provider and other defaults, and the platform verifier /// /// See [`ConfigBuilderExt::with_platform_verifier()`]. - #[cfg(all(feature = "ring", feature = "rustls-platform-verifier"))] + #[cfg(all( + any(feature = "ring", feature = "aws-lc-rs"), + feature = "rustls-platform-verifier" + ))] pub fn with_platform_verifier(self) -> ConnectorBuilder { self.with_tls_config( ClientConfig::builder() 
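Review bot: The provider installation in the doc example is a hidden line (`/// # let _ = rustls::crypto::aws_lc_rs::default_provider().install_default();`), so the rendered example shows a builder chain that works as printed only when exactly one provider feature is enabled. Readers who end up with both `ring` and `aws-lc-rs` enabled will not learn from this page that they need to install a default. I would add a sentence above the example, e.g. `/// If more than one rustls crypto provider is enabled, install a process default with CryptoProvider::install_default() before building the connector.`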
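Review bot: `with_platform_verifier()` is now compiled whenever either provider feature is on, but its doc comment does not say what happens when rustls cannot determine a default provider. As far as I know, `ClientConfig::builder()` in rustls 0.23 panics when no process default is installed and the crate features do not single one out, which is the case with both `ring` and `aws-lc-rs` enabled. A `# Panics` section stating that would help; the same applies to `with_native_roots()` and `with_webpki_roots()` in the next two hunks. The method body continues outside this hunk.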
@@ -67,7 +73,10 @@ impl ConnectorBuilder { /// native roots. /// /// See [`ConfigBuilderExt::with_native_roots`] - #[cfg(all(feature = "ring", feature = "rustls-native-certs"))] + #[cfg(all( + any(feature = "ring", feature = "aws-lc-rs"), + feature = "rustls-native-certs" + ))] pub fn with_native_roots(self) -> std::io::Result> { Ok(self.with_tls_config( ClientConfig::builder() @@ -97,7 +106,7 @@ impl ConnectorBuilder { /// safe defaults. /// /// See [`ConfigBuilderExt::with_webpki_roots`] - #[cfg(all(feature = "ring", feature = "webpki-roots"))] + #[cfg(all(any(feature = "ring", feature = "aws-lc-rs"), feature = "webpki-roots"))] pub fn with_webpki_roots(self) -> ConnectorBuilder { self.with_tls_config( ClientConfig::builder() @@ -316,6 +325,7 @@ mod tests { #[test] #[cfg(all(feature = "webpki-roots", feature = "http1"))] fn test_builder() { + ensure_global_state(); let _connector = super::ConnectorBuilder::new() .with_webpki_roots() .https_only() @@ -327,6 +337,7 @@ mod tests { #[cfg(feature = "http1")] #[should_panic(expected = "ALPN protocols should not be pre-defined")] fn test_reject_predefined_alpn() { + ensure_global_state(); let roots = rustls::RootCertStore::empty(); let mut config_with_alpn = rustls::ClientConfig::builder() .with_root_certificates(roots) @@ -342,6 +353,7 @@ mod tests { #[test] #[cfg(all(feature = "http1", feature = "http2"))] fn test_alpn() { + ensure_global_state(); let roots = rustls::RootCertStore::empty(); let tls_config = rustls::ClientConfig::builder() .with_root_certificates(roots) @@ -403,4 +415,11 @@ mod tests { .build(); assert_eq!(&connector.tls_config.alpn_protocols, &[b"h2".to_vec()]); } + + fn ensure_global_state() { + #[cfg(feature = "ring")] + let _ = rustls::crypto::ring::default_provider().install_default(); + #[cfg(feature = "aws-lc-rs")] + let _ = rustls::crypto::aws_lc_rs::default_provider().install_default(); + } }
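Review bot: `test_builder` is still gated on `#[cfg(all(feature = "webpki-roots", feature = "http1"))]`, while `with_webpki_roots()` now also needs `any(feature = "ring", feature = "aws-lc-rs")`. Unless the `webpki-roots` feature pulls in a provider (not visible here), a build with `webpki-roots` and `http1` but no provider feature fails to compile this test. Matching the gate, `#[cfg(all(feature = "webpki-roots", feature = "http1", any(feature = "ring", feature = "aws-lc-rs")))]`, would fix that.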
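Review bot: `ensure_global_state()` has no comment, and its name does not say that the state in question is the process-wide rustls crypto provider. Because every builder test now calls it, the `--all-features` CI leg no longer runs the builder without an installed default, which is the configuration a library user meets first. I would document the helper with `// Install a process-wide CryptoProvider; an Err only means another test already installed one.` so the ignored results read as deliberate.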