diff --git a/src/ssl.c b/src/ssl.c
index bf3cfb28c..3a4912d1e 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -56161,36 +56161,55 @@ static int wolfssl_conf_value_cmp(const WOLFSSL_CONF_VALUE *a,
 }
 }
-/* Use MD5 for hashing as OpenSSL uses a hash algorithm that is
- * "not as good as MD5, but still good" so using MD5 should
- * be good enough for this application. The produced hashes don't
+/* Use SHA for hashing as OpenSSL uses a hash algorithm that is
+ * "not as good as MD5, but still good" so using SHA should be more
+ * than good enough for this application. The produced hashes don't
 * need to line up between OpenSSL and wolfSSL. The hashes are for
 * internal indexing only */
 unsigned long wolfSSL_LH_strhash(const char *str)
 {
 unsigned long ret = 0;
-#ifndef NO_MD5
+#ifndef NO_SHA
+ wc_Sha sha;
 int strLen;
- byte digest[WC_MD5_DIGEST_SIZE];
+ byte digest[WC_SHA_DIGEST_SIZE];
 #endif
 WOLFSSL_ENTER("wolfSSL_LH_strhash");
 if (!str) return 0;
-#ifndef NO_MD5
+#ifndef NO_SHA
 strLen = (int)XSTRLEN(str);
- if (wc_Md5Hash((const byte*)str, strLen, digest) != 0) {
- WOLFSSL_MSG("wc_Md5Hash error");
+
+ if (wc_InitSha_ex(&sha, NULL, 0) != 0) {
+ WOLFSSL_MSG("SHA1 Init failed");
 return 0;
 }
+
+ ret = 0;
+ do {
+ if (wc_ShaUpdate(&sha, (const byte *)str, (word32)strLen) != 0) {
+ WOLFSSL_MSG("SHA1 Update failed");
+ break;
+ }
+ if (wc_ShaFinal(&sha, digest) != 0) {
+ WOLFSSL_MSG("SHA1 Final failed");
+ break;
+ }
+ ret = 1;
+ } while (0);
+ wc_ShaFree(&sha);
+ if (ret == 0)
+ return 0;
+ /* Take first 4 bytes in small endian as unsigned long */
 ret = (unsigned int)digest[0];
 ret |= ((unsigned int)digest[1] << 8 );
 ret |= ((unsigned int)digest[2] << 16);
 ret |= ((unsigned int)digest[3] << 24);
 #else
- WOLFSSL_MSG("No md5 available for wolfSSL_LH_strhash");
+ WOLFSSL_MSG("No SHA available for wolfSSL_LH_strhash");
 #endif
 return ret;
 }
diff --git a/tests/api.c b/tests/api.c
index f0d1539ed..243157a42 100644
--- a/tests/api.c
+++ b/tests/api.c
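Review bot: In the added `do { ... } while (0)` block of wolfSSL_LH_strhash, `ret` is used as a success flag (`ret = 1;`, `if (ret == 0)`) and then overwritten with the digest bytes, so one variable carries two unrelated meanings on the error path. A separate status keeps them apart: declare `int ok = 0;` beside `wc_Sha sha;`, set `ok = 1;` after `wc_ShaFinal` succeeds, and test `if (!ok) return 0;` after `wc_ShaFree(&sha);`. The header comment should also record the contract the new code keeps: 0 is returned on any SHA-1 failure and in `NO_SHA` builds, where every string then maps to the same index, for example `/* Returns 0 on error or when built with NO_SHA; the value is the first 4 digest bytes, little-endian. */`.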
@@ -29505,7 +29505,7 @@ static void test_wolfSSL_lhash(void)
 printf(testingFmt, "wolfSSL_LH_strhash()");
- AssertIntEQ(lh_strhash(testStr), 0xb1231320);
+ AssertIntEQ(lh_strhash(testStr), 0x5b7541dc);
 printf(resultFmt, passed);
 #endif
@@ -42923,7 +42923,9 @@ static void test_wolfSSL_EVP_get_digestbynid(void)
 printf(testingFmt, "wolfSSL_EVP_get_digestbynid");
+#ifndef NO_MD5
 AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
+#endif
 AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
 AssertNull(wolfSSL_EVP_get_digestbynid(0));
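Review bot: The new expected value in `AssertIntEQ(lh_strhash(testStr), 0x5b7541dc);` holds only when SHA-1 is compiled in; the ssl.c change makes the function return 0 under `NO_SHA`, so this assertion would fail in such a build unless the `#if` that the trailing `#endif` closes, which opens outside this hunk, already excludes it. If it does not, guard the line with `#ifndef NO_SHA` / `#endif`, in the same way the next hunk wraps the `NID_md5` check in `#ifndef NO_MD5`. A short comment such as `/* first 4 bytes of SHA-1(testStr), little-endian */` beside the constant would also make the magic number checkable.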