diff --git a/src/x509.c b/src/x509.c
index cf9899dc8..aac58ade3 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -12444,6 +12444,7 @@ int wolfSSL_X509_REQ_get_attr_by_NID(const WOLFSSL_X509 *req,
                 break;
             }
         }
+        idx++;
     } while (sk != NULL);
 
     /* no matches found */
diff --git a/tests/api.c b/tests/api.c
index 7edb136f5..3fc90c95e 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -49699,8 +49699,8 @@ static void test_wolfSSL_d2i_X509_REQ(void)
          * Obtain the challenge password from the CSR
          */
         AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
-                NID_pkcs9_challengePassword);
-        AssertNotNull(attr = X509_REQ_get_attr(req, NID_pkcs9_challengePassword));
+                1);
+        AssertNotNull(attr = X509_REQ_get_attr(req, 1));
         AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
         AssertNotNull(at->value.asn1_string);
         AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "2xIE+qqp/rhyTXP+");
@@ -49740,8 +49740,8 @@ static void test_wolfSSL_d2i_X509_REQ(void)
          * Obtain the challenge password from the CSR
          */
         AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
-                NID_pkcs9_challengePassword);
-        AssertNotNull(attr = X509_REQ_get_attr(req, NID_pkcs9_challengePassword));
+                0);
+        AssertNotNull(attr = X509_REQ_get_attr(req, 0));
         AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
         AssertNotNull(at->value.asn1_string);
         AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");