diff --git a/src/ssl.c b/src/ssl.c
index 1426f2e59..4ca62b5a1 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -7132,6 +7132,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out,
 {
 WOLFSSL_EVP_PKEY* local;
 word32 idx = 0;
+ int ret;
 WOLFSSL_ENTER("wolfSSL_d2i_PrivateKey");
@@ -7140,9 +7141,18 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey(int type, WOLFSSL_EVP_PKEY** out,
 return NULL;
 }
- if (ToTraditionalInline((const byte*)(*in), &idx, (word32)inSz) > 0) {
+ /* Check if input buffer has PKCS8 header. In the case that it does not
+ * have a PKCS8 header then do not error out. */
+ if ((ret = ToTraditionalInline((const byte*)(*in), &idx, (word32)inSz))
+ > 0) {
 WOLFSSL_MSG("Found and removed PKCS8 header");
 }
+ else {
+ if (ret != ASN_PARSE_E) {
+ WOLFSSL_MSG("Unexpected error with trying to remove PKCS8 header");
+ return NULL;
+ }
+ }
 if (out != NULL && *out != NULL) {
 wolfSSL_EVP_PKEY_free(*out);
diff --git a/tests/api.c b/tests/api.c
index 6900f7c55..bdc4c0a46 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -13808,6 +13808,8 @@ static void test_wolfSSL_private_keys(void)
 #ifdef USE_CERT_BUFFERS_2048
 {
 const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
+ unsigned char buf[FOURK_BUF];
+ word32 bufSz;
 AssertIntEQ(SSL_use_RSAPrivateKey_ASN1(ssl, (unsigned char*)client_key_der_2048,
@@ -13838,6 +13840,15 @@ static void test_wolfSSL_private_keys(void)
 AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key, (long)sizeof_server_key_der_2048));
 AssertIntEQ(SSL_use_PrivateKey(ssl, pkey), WOLFSSL_SUCCESS);
+
+ /* check striping PKCS8 header with wolfSSL_d2i_PrivateKey */
+ bufSz = FOURK_BUF;
+ AssertIntGT((bufSz = wc_CreatePKCS8Key(buf, &bufSz,
+ (byte*)server_key_der_2048, sizeof_server_key_der_2048,
+ RSAk, NULL, 0)), 0);
+ server_key = (const unsigned char*)buf;
+ AssertNotNull(wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &server_key,
+ (long)bufSz));
 }
 #endif
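Review bot: In the `else` branch added to wolfSSL_d2i_PrivateKey in src/ssl.c, `ASN_PARSE_E` is taken to mean "no PKCS8 header", so a truncated or corrupted PKCS8 wrapper is treated like a bare key and parsing continues. The hunk does not show whether ToTraditionalInline leaves `idx` untouched on that failure; if it can advance `idx` before returning the error and later code reads `idx`, the key would be parsed from the wrong offset, so I would reset it with `idx = 0;` on the fall-through path. The nested block also reads more simply as `else if (ret != ASN_PARSE_E) {`. A return of 0 currently lands on the `return NULL` path, which the comment should mention if that is intended. The function body continues outside the hunk.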
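Review bot: In the PKCS8 check added to test_wolfSSL_private_keys in tests/api.c, the return value of wc_CreatePKCS8Key is stored in `bufSz`, a `word32`, before it is compared with 0, so a negative error code only fails the assertion if AssertIntGT converts the value back to a signed int (the macro is not visible here). I would hold the result in an int declared next to `buf`, as in `pkcs8Sz = wc_CreatePKCS8Key(buf, &bufSz, ...); AssertIntGT(pkcs8Sz, 0);`, and pass `(long)pkcs8Sz` as the length. The test covers only a well-formed PKCS8 input, so the new `return NULL` path in wolfSSL_d2i_PrivateKey is not exercised. The comment has a typo: `striping` should be `stripping`.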
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c
index 24469490f..2cf72a335 100644
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -9086,7 +9086,8 @@ int rsa_test(void)
 int certSz;
 size_t bytes3;
 word32 idx3 = 0;
- #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+ #if (!defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)) \
+ || !defined(USE_CERT_BUFFERS_256)
 FILE* file3;
 #endif
 #ifdef WOLFSSL_TEST_CERT
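Review bot: The widened condition around `FILE* file3;` in rsa_test (wolfcrypt/test/test.c) now has to stay in step with every use of `file3`, and those uses lie outside this hunk. If any use is still guarded only by the 1024/2048 checks, a build with the 2048-bit buffers but without USE_CERT_BUFFERS_256 declares a variable it never uses, which breaks under warnings-as-errors. A short comment on the `#if` would record why the two conditions are combined. Assuming that is the reason, it could read `/* file3 is used when either the RSA or the 256-bit cert buffers are not compiled in */`.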