diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh
index 93d232f0f..5bea56062 100755
--- a/certs/renewcerts.sh
+++ b/certs/renewcerts.sh
@@ -182,7 +182,7 @@ run_renewcerts(){
     check_result $? "Step 3"
     mv ./3072/tmp.pem ./3072/client-cert.pem
 
-    openssl x509 -in ./3072/client-key.pem -outform der -out ./3072/client-key.der
+    openssl rsa -in ./3072/client-key.pem -outform der -out ./3072/client-key.der
     openssl x509 -in ./3072/client-cert.pem -outform der -out ./3072/client-cert.der
 
     echo "End of section"
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index 2f0595cba..5ffb3b98c 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1467,7 +1467,10 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
 {
     int   ret;
     byte* tmp;
-    int   hLen, i, maskLen, orig_bits = bits;
+    int   hLen, i, maskLen;
+#ifdef WOLFSSL_SHA512
+    int orig_bits = bits;
+#endif
 #if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
     byte tmp_buf[RSA_MAX_SIZE/8];
     tmp = tmp_buf;