diff --git a/src/ssl.c b/src/ssl.c
index 7578ccc4b..7c008bfd8 100755
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -16367,16 +16367,26 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509* x509)
 int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
 {
     char buf[MAX_TIME_STRING_SZ];
+    int  ret = SSL_SUCCESS;
 
     WOLFSSL_ENTER("wolfSSL_ASN1_TIME_print");
 
     if (bio == NULL || asnTime == NULL)
         return BAD_FUNC_ARG;
 
-    wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)asnTime, buf, sizeof(buf));
-    wolfSSL_BIO_write(bio, buf, (int)XSTRLEN(buf));
+    if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)asnTime, buf,
+                sizeof(buf)) == NULL) {
+        XMEMSET(buf, 0, MAX_TIME_STRING_SZ);
+        XMEMCPY(buf, "Bad time value", 14);
+        ret = SSL_FAILURE;
+    }
 
-    return 0;
+    if (wolfSSL_BIO_write(bio, buf, (int)XSTRLEN(buf)) <= 0) {
+        WOLFSSL_MSG("Unable to write to bio");
+        return SSL_FAILURE;
+    }
+
+    return ret;
 }
 
 
diff --git a/tests/api.c b/tests/api.c
index f21098d6b..c20dcf02b 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -9450,6 +9450,42 @@ static void test_wolfSSL_certs(void)
 }
 
 
+static void test_wolfSSL_ASN1_TIME_print()
+{
+    #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) \
+        && (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
+            defined(WOLFSSL_HAPROXY)) && defined(USE_CERT_BUFFERS_2048)
+    BIO*  bio;
+    X509*  x509;
+    const unsigned char* der = client_cert_der_2048;
+    ASN1_TIME* t;
+    unsigned char buf[25];
+
+    printf(testingFmt, "wolfSSL_ASN1_TIME_print()");
+
+    AssertNotNull(bio = BIO_new(BIO_s_mem()));
+    AssertNotNull(x509 = wolfSSL_X509_load_certificate_buffer(der,
+                sizeof_client_cert_der_2048, SSL_FILETYPE_ASN1));
+    AssertIntEQ(ASN1_TIME_print(bio, X509_get_notBefore(x509)), 1);
+    AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
+    AssertIntEQ(XMEMCMP(buf, "Aug 11 20:07:37 2016 GMT", sizeof(buf) - 1), 0);
+
+    /* create a bad time and test results */
+    AssertNotNull(t = X509_get_notAfter(x509));
+    t->data[10] = 0;
+    t->data[5]  = 0;
+    AssertIntNE(ASN1_TIME_print(bio, t), 1);
+    AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 14);
+    AssertIntEQ(XMEMCMP(buf, "Bad time value", 14), 0);
+
+    BIO_free(bio);
+    X509_free(x509);
+
+    printf(resultFmt, passed);
+    #endif
+}
+
+
 static void test_wolfSSL_private_keys(void)
 {
     #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@@ -10857,6 +10893,7 @@ void ApiTest(void)
     /* compatibility tests */
     test_wolfSSL_DES();
     test_wolfSSL_certs();
+    test_wolfSSL_ASN1_TIME_print();
     test_wolfSSL_private_keys();
     test_wolfSSL_PEM_PrivateKey();
     test_wolfSSL_tmp_dh();
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index 401d5a08e..592ea2b9a 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -196,7 +196,7 @@ enum Misc_ASN {
     TRAILING_ZERO       = 1,       /* Used for size of zero pad */
     MIN_VERSION_SZ      = 3,       /* Min bytes needed for GetMyVersion */
 #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
-    MAX_TIME_STRING_SZ  = 21,      /* Max length of formatted time string */
+    MAX_TIME_STRING_SZ  = 25,      /* Max length of formatted time string */
 #endif
 };