diff --git a/components/openssl/library/ssl_pkey.c b/components/openssl/library/ssl_pkey.c
index 893a391dd8..ab56fe789d 100644
--- a/components/openssl/library/ssl_pkey.c
+++ b/components/openssl/library/ssl_pkey.c
@@ -31,7 +31,7 @@ EVP_PKEY* EVP_PKEY_new(void)
     int ret;
     EVP_PKEY *pkey;
 
-    pkey = ssl_malloc(sizeof(EVP_PKEY));
+    pkey = ssl_zalloc(sizeof(EVP_PKEY));
     if (!pkey)
         SSL_RET(failed1, "ssl_malloc\n");
 
diff --git a/components/openssl/library/ssl_x509.c b/components/openssl/library/ssl_x509.c
index 2368344a7a..431f03caa9 100644
--- a/components/openssl/library/ssl_x509.c
+++ b/components/openssl/library/ssl_x509.c
@@ -30,7 +30,7 @@ X509* X509_new(void)
     int ret;
     X509 *x;
 
-    x = ssl_malloc(sizeof(X509));
+    x = ssl_zalloc(sizeof(X509));
     if (!x)
         SSL_RET(failed1, "ssl_malloc\n");
 
diff --git a/components/openssl/platform/ssl_pm.c b/components/openssl/platform/ssl_pm.c
index 00c8f83020..10b736aa9c 100644
--- a/components/openssl/platform/ssl_pm.c
+++ b/components/openssl/platform/ssl_pm.c
@@ -79,13 +79,13 @@ int ssl_pm_new(SSL *ssl)
     struct x509_pm *x509_pm;
     struct pkey_pm *pkey_pm;
 
-    ssl->session.peer = ssl_malloc(sizeof(X509));
+    ssl->session.peer = ssl_zalloc(sizeof(X509));
     if (!ssl->session.peer)
-        SSL_ERR(ret, failed1, "ssl_malloc\n");
+        SSL_ERR(ret, failed1, "ssl_zalloc\n");
 
-    ssl_pm = ssl_malloc(sizeof(struct ssl_pm));
+    ssl_pm = ssl_zalloc(sizeof(struct ssl_pm));
     if (!ssl_pm)
-        SSL_ERR(ret, failed2, "ssl_malloc\n");
+        SSL_ERR(ret, failed2, "ssl_zalloc\n");
 
     mbedtls_net_init(&ssl_pm->fd);
     mbedtls_net_init(&ssl_pm->cl_fd);
@@ -193,7 +193,7 @@ int ssl_pm_handshake(SSL *ssl)
     if (!mbed_ret) {
         ret = 1;
 
-        ssl->session.peer = (X509 *)mbedtls_ssl_get_peer_cert(&ssl_pm->ssl);
+        ssl->session.peer->x509_pm = (struct x509_pm *)mbedtls_ssl_get_peer_cert(&ssl_pm->ssl);
     } else {
         ret = 0;
         SSL_DEBUG(1, "mbedtls_ssl_handshake [-0x%x]\n", -mbed_ret);
@@ -337,7 +337,7 @@ int x509_pm_new(X509 *x)
 {
     struct x509_pm *x509_pm;
 
-    x509_pm = ssl_malloc(sizeof(struct x509_pm));
+    x509_pm = ssl_zalloc(sizeof(struct x509_pm));
     if (!x509_pm)
         return -1;
 
@@ -364,7 +364,7 @@ int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
 
     load_buf = ssl_malloc(len + 1);
     if (!load_buf)
-        SSL_RET(failed1, "");
+        SSL_RET(failed1);
 
     ssl_memcpy(load_buf, buffer, len);
     load_buf[len] = '\0';
@@ -398,7 +398,7 @@ int pkey_pm_new(EVP_PKEY *pkey)
 {
     struct pkey_pm *pkey_pm;
 
-    pkey_pm = ssl_malloc(sizeof(struct pkey_pm));
+    pkey_pm = ssl_zalloc(sizeof(struct pkey_pm));
     if (!pkey_pm)
         return -1;
 
@@ -425,7 +425,7 @@ int pkey_pm_load(EVP_PKEY *pkey, const unsigned char *buffer, int len)
 
     load_buf = ssl_malloc(len + 1);
     if (!load_buf)
-        SSL_RET(failed1, "");
+        SSL_RET(failed1);
 
     ssl_memcpy(load_buf, buffer, len);
     load_buf[len] = '\0';
diff --git a/components/openssl/platform/ssl_port.c b/components/openssl/platform/ssl_port.c
index 3e6ada5cc9..b57e703a17 100644
--- a/components/openssl/platform/ssl_port.c
+++ b/components/openssl/platform/ssl_port.c
@@ -31,7 +31,7 @@ void* ssl_zalloc(size_t size)
 
 void *ssl_malloc(size_t size)
 {
-    return ssl_zalloc(size);
+    return malloc(size);
 }
 
 void ssl_free(void *p)