diff --git a/src/internal.c b/src/internal.c
index 02b3785b5..f7c73bcbe 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -8689,14 +8689,14 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl)
 #endif
 #ifdef OPENSSL_EXTRA
 XFREE(ssl->param, ssl->heap, DYNAMIC_TYPE_OPENSSL);
-#ifdef HAVE_OCSP
+#endif
+#if defined(HAVE_OCSP) && defined(OPENSSL_ALL)
 if (ssl->ocspResp) {
 XFREE(ssl->ocspResp, NULL, 0);
 ssl->ocspResp = NULL;
 ssl->ocspRespSz = 0;
 }
-#endif
-#endif
+#endif /* defined(HAVE_OCSP) && defined(OPENSSL_ALL) */
 #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
 while (ssl->certReqCtx != NULL) {
 CertReqCtx* curr = ssl->certReqCtx;
@@ -9021,13 +9021,13 @@ void FreeHandshakeResources(WOLFSSL* ssl)
 * !WOLFSSL_POST_HANDSHAKE_AUTH */
 #endif /* HAVE_TLS_EXTENSIONS && !NO_TLS */
-#if defined(HAVE_OCSP) && defined(OPENSSL_EXTRA)
+#if defined(HAVE_OCSP) && defined(OPENSSL_ALL)
 if (ssl->ocspResp != NULL) {
 XFREE(ssl->ocspResp, NULL, 0);
 ssl->ocspResp = NULL;
 ssl->ocspRespSz = 0;
 }
-#endif /* HAVE_OCSP && OPENSSL_EXTRA */
+#endif /* HAVE_OCSP && OPENSSL_ALL */
 #ifdef WOLFSSL_STATIC_MEMORY
 /* when done with handshake decrement current handshake count */
@@ -24858,7 +24858,7 @@ static int BuildCertificateStatus(WOLFSSL* ssl, byte type, buffer* status,
 #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
 (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
- defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA))
+ defined(WOLFSSL_HAPROXY))
 static int BuildCertificateStatusWithStatusCB(WOLFSSL* ssl)
 {
 WOLFSSL_OCSP *ocsp;
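Review bot: The two places that release `ssl->ocspResp` (wolfSSL_ResourceFree in this hunk and FreeHandshakeResources in the next) are now guarded by `HAVE_OCSP && OPENSSL_ALL`, while the status-callback code in src/tls.c that reads `csr->ssl->ocspRespSz` stays enabled for `OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY`. Unless the build settings make the nginx and haproxy options imply OPENSSL_ALL (not visible in this diff), such a build would keep the callback path but lose the cleanup, so a stored response would not be released with the session. Using the same condition at both free sites, `#if defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))`, or one shared feature macro for every site touched by this commit, would keep allocation and release from drifting apart. Both function bodies continue outside their hunks.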
@@ -24896,9 +24896,8 @@ static int BuildCertificateStatusWithStatusCB(WOLFSSL* ssl) } return ret; } -#endif /* HAVE_CERTIFICATE_STATUS_REQUEST && \ - (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)) */ +#endif /* HAVE_CERTIFICATE_STATUS_REQUEST && (defined(OPENSSL_ALL) || + defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) */ #endif /* NO_WOLFSSL_SERVER */ /* handle generation of certificate_status (22) */ @@ -24926,7 +24925,7 @@ int SendCertificateStatus(WOLFSSL* ssl) #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \ (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)) + defined(WOLFSSL_HAPROXY)) if (SSL_CM(ssl)->ocsp_stapling != NULL && SSL_CM(ssl)->ocsp_stapling->statusCb != NULL) { if (ssl->status_request == WOLFSSL_CSR_OCSP) diff --git a/src/tls.c b/src/tls.c index af48764b0..ba5cbe258 100644 --- a/src/tls.c +++ b/src/tls.c @@ -3238,15 +3238,14 @@ word16 TLSX_CSR_GetSize_ex(CertificateStatusRequest* csr, byte isRequest, #endif #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) if (!isRequest && IsAtLeastTLSv1_3(csr->ssl->version)) { -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ - || defined(OPENSSL_EXTRA) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) if (csr->ssl != NULL && SSL_CM(csr->ssl) != NULL && SSL_CM(csr->ssl)->ocsp_stapling != NULL && SSL_CM(csr->ssl)->ocsp_stapling->statusCb != NULL && idx == 0) { return OPAQUE8_LEN + OPAQUE24_LEN + csr->ssl->ocspRespSz; } -#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA */ +#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ return (word16)(OPAQUE8_LEN + OPAQUE24_LEN + csr->responses[idx].length); } 
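Review bot: With `OPENSSL_EXTRA` dropped from the guard in SendCertificateStatus, the `statusCb` branch is compiled out of OPENSSL_EXTRA-only builds without any diagnostic. If the function that registers the callback is still available under OPENSSL_EXTRA (not visible in this diff), an application can register a callback that is never invoked and so stop stapling its OCSP response without noticing. Either narrow the registration API to the same condition or state the requirement at the guard, for example `/* status callback stapling requires OPENSSL_ALL, WOLFSSL_NGINX or WOLFSSL_HAPROXY */`. The function body continues outside the hunk.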
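Review bot: In TLSX_CSR_GetSize_ex the test `csr->ssl != NULL` comes after `IsAtLeastTLSv1_3(csr->ssl->version)` has already dereferenced `csr->ssl`, so it cannot protect anything; the same order appears in TLSX_CSR_Write_ex and, with `ssl->options.tls1_3` before `ssl != NULL`, in TLSX_CSR_Parse. The callback branch also returns `OPAQUE8_LEN + OPAQUE24_LEN + csr->ssl->ocspRespSz` from a function returning `word16`, without the explicit `(word16)` cast used on the next return and with no visible range check, so a response beyond the 16-bit range would be reported with a wrapped size (the type of `ocspRespSz` is not visible here). Since these guards are being edited anyway, move the NULL test ahead of the first dereference and bound `ocspRespSz` at the point where the response is stored. The function starts before the hunk.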
@@ -3257,8 +3256,7 @@ word16 TLSX_CSR_GetSize_ex(CertificateStatusRequest* csr, byte isRequest, } #if (defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER)) && \ -(defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ -defined(OPENSSL_EXTRA)) +(defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) static int TLSX_CSR_SetResponseWithStatusCB(WOLFSSL *ssl) { void *ioCtx = NULL; @@ -3319,7 +3317,7 @@ static int TLSX_CSR_WriteWithStatusCB(CertificateStatusRequest* csr, return offset + respSz; } #endif /* (TLS13 && !NO_WOLFSLL_SERVER) && (OPENSSL_ALL || WOLFSSL_NGINX || -WOLFSSL_HAPROXY || OPENSSL_EXTRA) */ +WOLFSSL_HAPROXY) */ static word16 TLSX_CSR_GetSize(CertificateStatusRequest* csr, byte isRequest) { @@ -3373,16 +3371,14 @@ int TLSX_CSR_Write_ex(CertificateStatusRequest* csr, byte* output, #if defined(WOLFSSL_TLS13) && !defined(NO_WOLFSSL_SERVER) if (!isRequest && IsAtLeastTLSv1_3(csr->ssl->version)) { word16 offset = 0; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ - || defined(OPENSSL_EXTRA) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) if (csr->ssl != NULL && SSL_CM(csr->ssl) != NULL && SSL_CM(csr->ssl)->ocsp_stapling != NULL && SSL_CM(csr->ssl)->ocsp_stapling->statusCb != NULL && idx == 0) { return TLSX_CSR_WriteWithStatusCB(csr, output); } -#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || -defined(OPENSSL_EXTRA) */ +#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ output[offset++] = csr->status_type; c32to24(csr->responses[idx].length, output + offset); offset += OPAQUE24_LEN; 
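Review bot: The `#endif` comment after TLSX_CSR_WriteWithStatusCB still spells the macro `NO_WOLFSLL_SERVER` on its first line, which this commit leaves as context while rewriting the second line. The matching `#if` in the previous hunk uses `NO_WOLFSSL_SERVER`, so a search for the macro name misses this closing comment. Suggested text: `#endif /* (TLS13 && !NO_WOLFSSL_SERVER) && (OPENSSL_ALL || WOLFSSL_NGINX ||` followed by `WOLFSSL_HAPROXY) */`.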
@@ -3658,15 +3654,13 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length, #if defined(WOLFSSL_TLS13) if (ssl->options.tls1_3) { -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) if (ssl != NULL && SSL_CM(ssl) != NULL && SSL_CM(ssl)->ocsp_stapling != NULL && SSL_CM(ssl)->ocsp_stapling->statusCb != NULL) { return TLSX_CSR_SetResponseWithStatusCB(ssl); } -#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || \ - defined(OPENSSL_EXTRA) */ +#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ if (ssl->buffers.certificate == NULL) { WOLFSSL_MSG("Certificate buffer not set!"); return BUFFER_ERROR; @@ -4163,8 +4157,7 @@ static int TLSX_CSR2_Parse(WOLFSSL* ssl, const byte* input, word16 length, continue; } -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ - || defined(OPENSSL_EXTRA) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) /* OpenSSL status CB supports only CERTIFICATE STATUS REQ V1 */ if (ssl != NULL && SSL_CM(ssl) != NULL && SSL_CM(ssl)->ocsp_stapling != NULL && diff --git a/tests/api/test_ocsp.c b/tests/api/test_ocsp.c index 192271284..a32e604de 100644 --- a/tests/api/test_ocsp.c +++ b/tests/api/test_ocsp.c @@ -361,7 +361,7 @@ int test_ocsp_basic_verify(void) #if defined(HAVE_OCSP) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ defined(HAVE_CERTIFICATE_STATUS_REQUEST) && !defined(WOLFSSL_NO_TLS12) && \ - (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) + defined(OPENSSL_ALL) struct _test_ocsp_status_callback_ctx { byte* ocsp_resp; 
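Review bot: The status-callback test in tests/api/test_ocsp.c is now built only for `OPENSSL_ALL`, while the code it exercises in src/internal.c and src/tls.c stays enabled for `WOLFSSL_NGINX` and `WOLFSSL_HAPROXY` as well. If those options can be set without OPENSSL_ALL (not visible here), the callback stapling path ships in those builds with no test covering it. Consider guarding the test with the same condition as the code, `(defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))`, provided the other APIs the test calls are available there. The guarded block continues outside the hunk.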
@@ -588,6 +588,7 @@ int test_ocsp_status_callback(void)
 {
 return TEST_SKIPPED;
 }
-#endif /* defined(HAVE_OCSP) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
- defined(HAVE_CERTIFICATE_STATUS_REQUEST) && !defined(WOLFSSL_NO_TLS12) && \
- (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) */
+#endif /* defined(HAVE_OCSP) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) \
+ && defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
+ !defined(WOLFSSL_NO_TLS12) \
+ && defined(OPENSSL_ALL) */
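Review bot: The rewritten `#endif` comment names `HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES`, but the `#if` edited in the hunk at line 361, which this `#endif` appears to close, tests `HAVE_SSL_MEMIO_TESTS_DEPENDENCIES`, and the removed comment used the SSL name too. A closing comment that disagrees with its condition misleads anyone checking which build configurations actually run the OCSP status-callback test. Suggested first line: `#endif /* defined(HAVE_OCSP) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) \`.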