diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index f531935569..ddb1f9f813 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1231,7 +1231,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
         {
 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
             ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif            
+#endif
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
             ssl->handshake->ecjpake_ctx.point_format = p[0];
 #endif
@@ -1244,7 +1244,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
     }
 
     MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) );
-        mbedtls_ssl_send_fatal_handshake_failure( ssl );
+    mbedtls_ssl_send_fatal_handshake_failure( ssl );
     return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
 }
 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || 
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index cf7ad4e815..b88080af91 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4223,6 +4223,7 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
     size_t i, n;
     const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
     int authmode = ssl->conf->authmode;
+    uint8_t alert;
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
 
@@ -4403,8 +4404,6 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
                                   ssl->in_msg + i, n );
         switch( ret )
         {
-        uint8_t alert;
-
         case 0: /*ok*/
         case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
             /* Ignore certificate with an unknown algorithm: maybe a