diff --git a/src/internal.c b/src/internal.c
index 76b927c04..c91c172a8 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -231,8 +231,10 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
 
     static int  SessionSecret_callback(WOLFSSL* ssl, void* secret,
                                                   int* secretSz, void* ctx);
+#ifdef WOLFSSL_TLS13
     static int  SessionSecret_callback_Tls13(WOLFSSL* ssl, int id,
                        const unsigned char* secret, int secretSz, void* ctx);
+#endif
 
     /*
      * This function builds up string for key-logging then call user's
diff --git a/tests/api.c b/tests/api.c
index 7c78694c5..746c75cd0 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -30601,7 +30601,8 @@ static void test_wolfSSL_Tls12_Key_Logging_test(void)
 }
 static void test_wolfSSL_Tls13_Key_Logging_test(void)
 {
- #if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
+ #if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
+    defined(HAVE_SECRET_CALLBACK)
  /* This test is intended for checking whether keylog callback is called
   * in client during TLS handshake between the client and a server.
   */