diff --git a/cyassl/sniffer_error.rc b/cyassl/sniffer_error.rc
index f787f0647..8bcd6926c 100644
--- a/cyassl/sniffer_error.rc
+++ b/cyassl/sniffer_error.rc
@@ -87,5 +87,7 @@ STRINGTABLE
 71, "Decrypt Keys Not Set Up"
 72, "Late Key Load Error"
+ 73, "Got Certificate Status msg"
+ 74, "RSA Key Missing Error"
 }
diff --git a/src/sniffer.c b/src/sniffer.c
index f813f557c..0e81a8674 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -236,7 +236,9 @@ static const char* const msgTable[] =
 /* 71 */
 "Decrypt Keys Not Set Up",
- "Late Key Load Error"
+ "Late Key Load Error",
+ "Got Certificate Status msg",
+ "RSA Key Missing Error"
 };
@@ -1286,6 +1288,12 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
 RsaKey key;
 int ret;
+ if (session->sslServer->buffers.key.buffer == NULL ||
+ session->sslServer->buffers.key.length == 0) {
+
+ SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE);
+ return -1;
+ }
 ret = wc_InitRsaKey(&key, 0);
 if (ret == 0)
 ret = wc_RsaPrivateKeyDecode(session->sslServer->buffers.key.buffer,
@@ -1842,6 +1850,9 @@ static int DoHandShake(const byte* input, int* sslBytes,
 case certificate_verify:
 Trace(GOT_CERT_VER_STR);
 break;
+ case certificate_status:
+ Trace(GOT_CERT_STATUS_STR);
+ break;
 default:
 SetError(GOT_UNKNOWN_HANDSHAKE_STR, error, session, 0);
 return -1;
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index e1e180eba..3f33c5178 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -2276,6 +2276,7 @@ enum HandShakeType {
 certificate_verify = 15,
 client_key_exchange = 16,
 finished = 20,
+ certificate_status = 22,
 change_cipher_hs = 55 /* simulate unique handshake type for sanity checks. record layer change_cipher conflicts with handshake finished */
diff --git a/wolfssl/sniffer_error.h b/wolfssl/sniffer_error.h
index 5f75aea89..ad89a50d9 100644
--- a/wolfssl/sniffer_error.h
+++ b/wolfssl/sniffer_error.h
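Review bot: The new guard at the top of ProcessClientKeyExchange has no comment saying why the server key can be absent at this point, and the blank line after its opening brace is stray. Because the check sits before `wc_InitRsaKey`, the early `return -1` runs with nothing initialised yet, which is worth stating so a later edit does not move it below the init. I would add `/* no private key loaded for this server: fail the session rather than hand a NULL/empty buffer to wc_RsaPrivateKeyDecode */` above the `if` and drop the empty line. The function body starts and ends outside the hunk, so whether `session->sslServer` itself is validated earlier is not visible here.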
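Review bot: The `certificate_status` case added to DoHandShake only traces and breaks, and nothing in the hunk says that ignoring the message body is intended. It mirrors the `certificate_verify` case directly above it, so this looks deliberate for a passive sniffer, but a one-line comment would make it explicit: `/* CertificateStatus (RFC 6066, OCSP stapling): nothing to decrypt, trace only */`. The matching enum entry in wolfssl/internal.h could carry the same reference, `certificate_status = 22, /* RFC 6066 CertificateStatus */`. The switch continues outside the hunk, so how the message length is consumed afterwards is not visible here.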
@@ -105,6 +105,8 @@
 #define DECRYPT_KEYS_NOT_SETUP 71
 #define CLIENT_HELLO_LATE_KEY_STR 72
+#define GOT_CERT_STATUS_STR 73
+#define RSA_KEY_MISSING_STR 74
 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
diff --git a/wolfssl/sniffer_error.rc b/wolfssl/sniffer_error.rc
index f787f0647..8bcd6926c 100644
--- a/wolfssl/sniffer_error.rc
+++ b/wolfssl/sniffer_error.rc
@@ -87,5 +87,7 @@ STRINGTABLE
 71, "Decrypt Keys Not Set Up"
 72, "Late Key Load Error"
+ 73, "Got Certificate Status msg"
+ 74, "RSA Key Missing Error"
 }