diff --git a/src/ssl.c b/src/ssl.c
index 755cbcbc9..16bae5005 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4508,10 +4508,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
 
     /* process user chain */
     if (ret >= 0) {
-        /* First certificate in chain is loaded into ssl->buffers.certificate.
-         * Remainder are loaded into ssl->buffers.certChain.
-         * Chain should have server cert first, then intermediates, then root.
-         */
+        /* Chain should have server cert first, then intermediates, then root.
+         * First certificate in chain is processed below after ProcessUserChain
+         *   and is loaded into ssl->buffers.certificate.
+         * Remainder are processed using ProcessUserChain and are loaded into
+         *   ssl->buffers.certChain. */
         if (userChain) {
             ret = ProcessUserChain(ctx, buff, sz, format, type, ssl, used, info);
         }
@@ -31477,9 +31478,9 @@ WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out)
                                                        DYNAMIC_TYPE_TMP_BUFFER);
             if (extraBioMem == NULL) {
                 WOLFSSL_MSG("Malloc failure");;
-                XFREE((unsigned char*)extraBioMem, bio->heap, 
+                XFREE((unsigned char*)extraBioMem, bio->heap,
                                                        DYNAMIC_TYPE_TMP_BUFFER);
-                XFREE((unsigned char*)bioMem, bio->heap, 
+                XFREE((unsigned char*)bioMem, bio->heap,
                                                        DYNAMIC_TYPE_TMP_BUFFER);
                 return NULL;
             }
@@ -31492,13 +31493,13 @@ WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out)
             wolfSSL_BIO_write(bio, extraBioMem, extraBioMemSz);
             if (wolfSSL_BIO_pending(bio) <= 0) {
                 WOLFSSL_MSG("Failed to write memory to bio");
-                XFREE((unsigned char*)extraBioMem, bio->heap, 
+                XFREE((unsigned char*)extraBioMem, bio->heap,
                                                        DYNAMIC_TYPE_TMP_BUFFER);
-                XFREE((unsigned char*)bioMem, bio->heap, 
+                XFREE((unsigned char*)bioMem, bio->heap,
                                                        DYNAMIC_TYPE_TMP_BUFFER);
                 return NULL;
             }
-            XFREE((unsigned char*)extraBioMem, bio->heap, 
+            XFREE((unsigned char*)extraBioMem, bio->heap,
                                                        DYNAMIC_TYPE_TMP_BUFFER);
         }
 
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 45e5c98ee..27ceca70e 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -8096,15 +8096,9 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
     consumedEnd = footerEnd + XSTRLEN(footer);
 
     if (consumedEnd < bufferEnd) {  /* handle no end of line on last line */
-        /* eat end of line */
-        if (consumedEnd[0] == '\n')
+        /* eat new line characters */
+        while (consumedEnd < bufferEnd && consumedEnd[0] == '\n') {
             consumedEnd++;
-        else if ((consumedEnd + 1 < bufferEnd) && consumedEnd[1] == '\n')
-            consumedEnd += 2;
-        else {
-            if (info)
-                info->consumed = (long)(consumedEnd+2 - (char*)buff);
-            return BUFFER_E;
         }
     }