diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index cec7db28b..ccdf949e5 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -880,7 +880,7 @@ static int GetCertHeader(DecodedCert* cert, word32 inSz)
 
     len = mp_unsigned_bin_size(&mpi);
     if (len > SERIAL_SIZE)
-        ret = MP_TO_E;
+        len = SERIAL_SIZE;    /* use first 64 bits for unique id */
     if (mp_to_unsigned_bin(&mpi, cert->serial + (SERIAL_SIZE - len)) != MP_OKAY)
         ret = MP_TO_E;
 
diff --git a/include/openssl/cyassl_test.h b/include/openssl/cyassl_test.h
index 768281f63..8e0a458cc 100644
--- a/include/openssl/cyassl_test.h
+++ b/include/openssl/cyassl_test.h
@@ -99,8 +99,7 @@
     const char* eccCert  = "../../certs/server-ecc.pem";
     const char* eccKey   = "../../certs/ecc-key.pem";
     const char* svrCert  = "../../certs/server-cert.pem";
-    //const char* svrKey   = "../../certs/server-key.pem";
-    const char* svrKey   = "../../certs/server-keyPkcs8Enc.pem";
+    const char* svrKey   = "../../certs/server-key.pem";
     const char* cliCert  = "../../certs/client-cert.pem";
     const char* cliKey   = "../../certs/client-key.pem";
     const char* ntruCert = "../../certs/ntru-cert.pem";
@@ -110,8 +109,7 @@
     static const char* eccCert  = "../certs/server-ecc.pem";
     static const char* eccKey   = "../certs/ecc-key.pem";
     static const char* svrCert  = "../certs/server-cert.pem";
-    //static const char* svrKey   = "../certs/server-key.pem";
-    static const char* svrKey   = "../certs/server-keyPkcs8Enc.pem";
+    static const char* svrKey   = "../certs/server-key.pem";
     static const char* cliCert  = "../certs/client-cert.pem";
     static const char* cliKey   = "../certs/client-key.pem";
     static const char* ntruCert = "../certs/ntru-cert.pem";
diff --git a/src/ssl.c b/src/ssl.c
index d894664aa..71697284e 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -480,6 +480,7 @@ static int AddCA(SSL_CTX* ctx, buffer der)
         if (pkcs8)
             return ToTraditional(der->buffer, der->length);
 
+#ifdef OPENSSL_EXTRA
          if (pkcs8Enc) {
             int  passwordSz;
             char password[80];
@@ -491,6 +492,7 @@ static int AddCA(SSL_CTX* ctx, buffer der)
             return ToTraditionalEnc(der->buffer, der->length, password,
                                     passwordSz);
          }
+#endif
 
         return 0;
     }