diff --git a/tests/api.c b/tests/api.c
index e749ce8fa..2c983a732 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -53815,7 +53815,7 @@ static int test_MakeCertWith0Ser(void)
 
     wc_InitDecodedCert(&decodedCert, der, (word32)derSize, NULL);
 
-#ifndef WOLFSSL_NO_ASN_STRICT
+#if !defined(WOLFSSL_NO_ASN_STRICT) && !defined(WOLFSSL_PYTHON)
     ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL),
         ASN_PARSE_E);
 #else
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index c31fa2a43..6a8038e0e 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -21876,7 +21876,7 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
         cert->version = version;
         cert->serialSz = (int)serialSz;
 
-    #ifndef WOLFSSL_NO_ASN_STRICT
+    #if !defined(WOLFSSL_NO_ASN_STRICT) && !defined(WOLFSSL_PYTHON)
         /* RFC 5280 section 4.1.2.2 states that non-conforming CAs may issue
          * a negative or zero serial number and should be handled gracefully.
          * Since it is a non-conforming CA that issues a serial of 0 then we