diff --git a/src/keys.c b/src/keys.c
index 17281665f..938387ec1 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -3045,7 +3045,7 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
 /* TLS can call too */
 int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side)
 {
-    int sz, i = 0, haveMcast = 0;
+    int sz, i = 0;
     Keys* keys = &ssl->keys;
 
 #ifdef HAVE_SECURE_RENEGOTIATION
@@ -3057,8 +3057,33 @@ int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side)
 #endif /* HAVE_SECURE_RENEGOTIATION */
 
 #ifdef WOLFSSL_MULTICAST
-    haveMcast = ssl->options.haveMcast;
-#endif
+    if (ssl->options.haveMcast) {
+        /* Use the same keys for encrypt and decrypt. */
+        if (ssl->specs.cipher_type != aead) {
+            sz = ssl->specs.hash_size;
+            XMEMCPY(keys->client_write_MAC_secret,&keyData[i], sz);
+            XMEMCPY(keys->server_write_MAC_secret,&keyData[i], sz);
+            i += sz;
+        }
+        sz = ssl->specs.key_size;
+        XMEMCPY(keys->client_write_key, &keyData[i], sz);
+        XMEMCPY(keys->server_write_key, &keyData[i], sz);
+        i += sz;
+
+        sz = ssl->specs.iv_size;
+        XMEMCPY(keys->client_write_IV, &keyData[i], sz);
+        XMEMCPY(keys->server_write_IV, &keyData[i], sz);
+
+#ifdef HAVE_AEAD
+        if (ssl->specs.cipher_type == aead) {
+            /* Initialize the AES-GCM/CCM explicit IV to a zero. */
+            XMEMSET(keys->aead_exp_IV, 0, AEAD_MAX_EXP_SZ);
+        }
+#endif /* HAVE_AEAD */
+
+        return 0;
+    }
+#endif /* WOLFSSL_MULTICAST */
 
     if (ssl->specs.cipher_type != aead) {
         sz = ssl->specs.hash_size;