diff --git a/src/ssl.c b/src/ssl.c
index 07e9d5a9d..928ff61da 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -32365,6 +32365,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
     }
 #endif
 
+#ifdef WOLFSSL_CERT_EXT
     /* Gets the NID value that is related to the OID string passed in. Example
      * string would be "2.5.29.14" for subject key ID.
      *
@@ -32403,6 +32404,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
         }
         return NID_undef;
     }
+#endif /* WOLFSSL_CERT_EXT */
 
 
     /* compatibility function. It's intended use is to remove OID's from an
diff --git a/tests/api.c b/tests/api.c
index d0622a9f0..b416f650f 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -20758,7 +20758,9 @@ static void test_wolfSSL_OBJ(void)
     AssertNotNull(obj = OBJ_nid2obj(NID_sha256));
     AssertIntEQ(OBJ_obj2nid(obj), NID_sha256);
     AssertIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), 22);
+#ifdef WOLFSSL_CERT_EXT
     AssertIntEQ(OBJ_txt2nid(buf), NID_sha256);
+#endif
     AssertIntGT(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 0), 0);
     ASN1_OBJECT_free(obj);