diff --git a/cyassl/internal.h b/cyassl/internal.h
index 0cff015ee..9830c61d6 100644
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@@ -1664,6 +1664,7 @@ struct CYASSL_X509 {
     byte             notAfter[MAX_DATE_SZ];
     int              sigOID;
     buffer           sig;
+    int              pubKeyOID;
     buffer           pubKey;
     buffer           derCert;                        /* may need  */
     DNS_entry*       altNames;                       /* alt names list */
diff --git a/src/internal.c b/src/internal.c
index d025cd4ab..82801139d 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -3123,6 +3123,7 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert)
         x509->pubKey.buffer = (byte*)XMALLOC(
                               dCert->pubKeySize, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
         if (x509->pubKey.buffer != NULL) {
+            x509->pubKeyOID = dCert->keyOID;
             x509->pubKey.length = dCert->pubKeySize;
             XMEMCPY(x509->pubKey.buffer, dCert->publicKey, dCert->pubKeySize);
         }
diff --git a/src/ssl.c b/src/ssl.c
index d7eae568c..2188bc14b 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -8312,7 +8312,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
             key = (CYASSL_EVP_PKEY*)XMALLOC(
                         sizeof(CYASSL_EVP_PKEY), NULL, DYNAMIC_TYPE_PUBLIC_KEY);
             if (key != NULL) {
-                key->type = 0;
+                key->type = x509->pubKeyOID;
                 key->save_type = 0;
                 key->pkey.ptr = (char*)XMALLOC(
                             x509->pubKey.length, NULL, DYNAMIC_TYPE_PUBLIC_KEY);