diff --git a/configure.ac b/configure.ac
index 12388db48..daf1720cd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1234,6 +1234,11 @@ AC_ARG_ENABLE([wpas-dpp],
     [ ENABLED_WPAS_DPP=no ]
     )
 
+if test "$ENABLED_WPAS_DPP" = "yes"
+then
+    ENABLED_WPAS="yes"
+fi
+
 # ntp support
 AC_ARG_ENABLE([ntp],
     [AS_HELP_STRING([--enable-ntp],[Enable ntp support (default: disabled)])],
@@ -1241,11 +1246,6 @@ AC_ARG_ENABLE([ntp],
     [ ENABLED_NTP=no ]
     )
 
-if test "$ENABLED_WPAS_DPP" = "yes"
-then
-    ENABLED_WPAS="yes"
-fi
-
 # Fortress build
 AC_ARG_ENABLE([fortress],
     [AS_HELP_STRING([--enable-fortress],[Enable SSL fortress build (default: disabled)])],
@@ -2677,6 +2677,10 @@ AC_ARG_ENABLE([certreq],
     [ ENABLED_CERTREQ=no ]
     )
 
+if test "$ENABLED_WPAS_DPP" = "yes"
+then
+    ENABLED_CERTREQ="yes"
+fi
 
 # CERT REQUEST EXTENSION
 AC_ARG_ENABLE([certext],
@@ -2815,6 +2819,11 @@ AC_ARG_ENABLE([ecccustcurves],
     [ ENABLED_ECCCUSTCURVES=no ]
     )
 
+if test "$ENABLED_WPAS_DPP" = "yes"
+then
+    ENABLED_ECCCUSTCURVES="all"
+fi
+
 if test "$ENABLED_ECCCUSTCURVES" != "no"
 then
     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CUSTOM_CURVES"
@@ -4812,6 +4821,11 @@ AC_ARG_ENABLE([pkcs7],
     [ ENABLED_PKCS7=$enableval ],
     [ ENABLED_PKCS7=no ]
     )
+    
+if test "x$ENABLED_WPAS_DPP" = "xyes"
+then
+    ENABLED_PKCS7=yes
+fi
 
 # wolfSSH Options
 AC_ARG_ENABLE([wolfssh],
@@ -6450,7 +6464,7 @@ if test "$ENABLED_SP_MATH" = "yes"; then
     if test "$ENABLED_SP" = "no"; then
         AC_MSG_ERROR([Must have SP enabled with SP math: --enable-sp])
     fi
-    if test "$ENABLED_ECCCUSTCURVES" = "yes"; then
+    if test "$ENABLED_ECCCUSTCURVES" != "no"; then
         AC_MSG_ERROR([Cannot use single precision math and custom curves])
     fi
     if test "$ENABLED_DSA" = "yes"; then
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index ea212c2fe..9890c5782 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -26549,7 +26549,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
     if ((ret == 0) && (sz > (int)derSz)) {
         ret = BUFFER_E;
     }
-    if (ret == 0) {
+    if (ret == 0 && derBuffer != NULL) {
         /* Encode certificate request body into buffer. */
         SetASN_Items(certReqBodyASN, dataASN, certReqBodyASN_Length, derBuffer);
 
@@ -26565,14 +26565,15 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
                 &cert->subject, cert->heap);
         }
     }
-    if (ret >= 0) {
+    if (ret >= 0 && derBuffer != NULL) {
         /* Encode public key into space in buffer. */
         ret = EncodePublicKey(cert->keyType,
             (byte*)dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ].data.buffer.data,
             dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ].data.buffer.length,
             rsaKey, eccKey, ed25519Key, ed448Key, dsaKey);
     }
-    if ((ret >= 0) && (!dataASN[CERTREQBODYASN_IDX_EXT_BODY].noOut)) {
+    if ((ret >= 0 && derBuffer != NULL) &&
+            (!dataASN[CERTREQBODYASN_IDX_EXT_BODY].noOut)) {
         /* Encode extensions into space in buffer. */
         ret = EncodeExtensions(cert,
                 (byte*)dataASN[CERTREQBODYASN_IDX_EXT_BODY].data.buffer.data,
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index de67fc22b..f87102481 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -11995,7 +11995,7 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
         static const char* certDerFile = CERT_WRITE_TEMP_DIR "cert.der";
         static const char* otherCertPemFile = CERT_WRITE_TEMP_DIR "othercert.pem";
         static const char* certPemFile = CERT_WRITE_TEMP_DIR "cert.pem";
-        #if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+        #if defined(WOLFSSL_CERT_REQ) && !defined(WOLFSSL_NO_MALLOC)
             static const char* certReqDerFile = CERT_WRITE_TEMP_DIR "certreq.der";
             static const char* certReqPemFile = CERT_WRITE_TEMP_DIR "certreq.pem";
         #endif
@@ -15559,10 +15559,13 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
         goto exit_rsa;
 #endif
 
-#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+#if defined(WOLFSSL_CERT_REQ) && !defined(WOLFSSL_NO_MALLOC)
     {
         Cert        *req;
         int         derSz;
+#ifndef WOLFSSL_SMALL_STACK
+        byte*  der = NULL;
+#endif
 
         req = (Cert *)XMALLOC(sizeof *req, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
         if (! req)
@@ -15656,6 +15659,13 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
             ERROR_OUT(-7974, exit_rsa);
         }
 
+        /* Test getting the size of the buffer without providing the buffer.
+         * derSz is set to the "largest buffer" we are willing to allocate. */
+        derSz = wc_MakeCertReq(req, NULL, 10000, key, NULL);
+        if (derSz < 0) {
+            ERROR_OUT(-7975, exit_rsa);
+        }
+
         XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
         XFREE(req, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
         der = NULL;