diff --git a/configure.ac b/configure.ac
index 4cd9fb106..4224b604c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4791,11 +4791,11 @@ then
     ENABLED_DES3="yes"
 fi
 
-# DES3 ciphers
-AC_ARG_ENABLE([des3-ciphers],
-    [AS_HELP_STRING([--enable-des3-ciphers],[Enable DES3 ciphers (default: disabled unless des3 is enabled)])],
-    [ ENABLED_DES3_CIPHERS=$enableval ],
-    [ ENABLED_DES3_CIPHERS=no ]
+# DES3 TLS suites
+AC_ARG_ENABLE([des3-tls-suites],
+    [AS_HELP_STRING([--enable-des3-tls-suites],[Enable DES3 TLS cipher suites (default: disabled)])],
+    [ ENABLED_DES3_TLS_SUITES=$enableval ],
+    [ ENABLED_DES3_TLS_SUITES=no ]
     )
 
 # ARC4
@@ -8697,12 +8697,12 @@ else
     fi
 fi
 
-if test "x$ENABLED_DES3_CIPHERS" = "xno"
+if test "x$ENABLED_DES3_TLS_SUITES" = "xno"
 then
-    AM_CFLAGS="$AM_CFLAGS -DNO_DES3_CIPHERS"
+    AM_CFLAGS="$AM_CFLAGS -DNO_DES3_TLS_SUITES"
 else
     AS_IF([test "x$ENABLED_DES3" = "xno"],
-        [AC_MSG_ERROR([DES3 ciphers require DES3])])
+        [AC_MSG_ERROR([DES3 TLS suites require DES3])])
 fi
 
 if test "$ENABLED_AESGCM" != "no"
@@ -9503,7 +9503,7 @@ echo "   * AES-EAX:                    $ENABLED_AESEAX"
 echo "   * AES Bitspliced:             $ENABLED_AESBS"
 echo "   * ARIA:                       $ENABLED_ARIA"
 echo "   * DES3:                       $ENABLED_DES3"
-echo "   * DES3_CIPHERS:               $ENABLED_DES3_CIPHERS"
+echo "   * DES3 TLS Suites:            $ENABLED_DES3_TLS_SUITES"
 echo "   * Camellia:                   $ENABLED_CAMELLIA"
 echo "   * SM4-ECB:                    $ENABLED_SM4_ECB"
 echo "   * SM4-CBC:                    $ENABLED_SM4_CBC"
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 2c39bbcc3..73c4c7d6e 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -343,7 +343,7 @@
         #endif
     #endif
 
-    #if !defined(NO_RSA) && !defined(NO_DES3) && !defined(NO_DES3_CIPHERS)
+    #if !defined(NO_RSA) && !defined(NO_DES3) && !defined(NO_DES3_TLS_SUITES)
         #if !defined(NO_SHA)
             #if defined(WOLFSSL_STATIC_RSA)
                 #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA
@@ -500,7 +500,7 @@
             #if defined(WOLFSSL_AES_256) && defined(HAVE_AES_CBC)
                 #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
             #endif
-            #if !defined(NO_DES3) && !defined(NO_DES3_CIPHERS)
+            #if !defined(NO_DES3) && !defined(NO_DES3_TLS_SUITES)
                 #define BUILD_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
             #endif
         #endif
@@ -687,7 +687,7 @@
         #endif
         #if !defined(NO_DES3) && !(defined(WSSL_HARDEN_TLS) && \
                                            WSSL_HARDEN_TLS > 112) && \
-            !defined(NO_DES3_CIPHERS)
+            !defined(NO_DES3_TLS_SUITES)
             /* 3DES offers only 112 bits of security.
              * Using guidance from section 5.6.1
              * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf */