diff --git a/deps/mbedtls/mbedtls/config.h b/deps/mbedtls/mbedtls/config.h
index f76fde5c48..42d6f2dc6f 100644
--- a/deps/mbedtls/mbedtls/config.h
+++ b/deps/mbedtls/mbedtls/config.h
@@ -1863,9 +1863,7 @@
  *
  * This module provides the CTR_DRBG AES-256 random number generator.
  */
-#if 0
 #define MBEDTLS_CTR_DRBG_C
-#endif
 
 /**
  * \def MBEDTLS_DEBUG_C
diff --git a/libretro-common/net/net_socket_ssl.c b/libretro-common/net/net_socket_ssl.c
index cce5357dad..7d9cb9c16b 100644
--- a/libretro-common/net/net_socket_ssl.c
+++ b/libretro-common/net/net_socket_ssl.c
@@ -79,17 +79,13 @@ void* ssl_socket_init(int fd, const char *domain)
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    mbedtls_x509_crt_init(&state->ca);
 #endif
-#ifdef DEBUG
    mbedtls_ctr_drbg_init(&state->ctr_drbg);
-#endif
    mbedtls_entropy_init(&state->entropy);
 
    state->net_ctx.fd = fd;
 
-#ifdef DEBUG
    if (mbedtls_ctr_drbg_seed(&state->ctr_drbg, mbedtls_entropy_func, &state->entropy, (const unsigned char*)pers, strlen(pers)) != 0)
       goto error;
-#endif
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    if (mbedtls_x509_crt_parse(&state->ca, (const unsigned char*)cacert_pem, sizeof(cacert_pem) / sizeof(cacert_pem[0])) < 0)
@@ -120,9 +116,7 @@ int ssl_socket_connect(void *state_data, void *data, bool timeout_enable, bool n
 
    mbedtls_ssl_conf_authmode(&state->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
    mbedtls_ssl_conf_ca_chain(&state->conf, &state->ca, NULL);
-#ifdef DEBUG
    mbedtls_ssl_conf_rng(&state->conf, mbedtls_ctr_drbg_random, &state->ctr_drbg);
-#endif
    mbedtls_ssl_conf_dbg(&state->conf, ssl_debug, stderr);
 
    if (mbedtls_ssl_setup(&state->ctx, &state->conf) != 0)
@@ -258,9 +252,7 @@ void ssl_socket_free(void *state_data)
 
    mbedtls_ssl_free(&state->ctx);
    mbedtls_ssl_config_free(&state->conf);
-#ifdef DEBUG
    mbedtls_ctr_drbg_free(&state->ctr_drbg);
-#endif
    mbedtls_entropy_free(&state->entropy);
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    mbedtls_x509_crt_free(&state->ca);