diff --git a/ChangeLog b/ChangeLog
index 00ab95d83..21c91df93 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -30,6 +30,7 @@ Bugfix
    * x509parse_crtpath() is now reentrant and uses more portable stat()
    * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
    * Fixed values for 2-key Triple DES in cipher layer
+   * ssl_write_certificate_request() can handle empty ca_chain
 
 Security
    * A possible DoS during the SSL Handshake, due to faulty parsing of
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index ee4163359..9ba22949b 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -972,7 +972,7 @@ static int ssl_write_certificate_request( ssl_context *ssl )
     crt = ssl->ca_chain;
 
     total_dn_size = 0;
-    while( crt != NULL )
+    while( crt != NULL && crt->version != 0)
     {
         if( p - buf > 4096 )
             break;