diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a6e4e38236..140b749a28 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8179,6 +8179,9 @@ int mbedtls_ssl_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf,
 
     for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE; sig_alg++ )
     {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "got signature scheme [%x] %s",
+                                    *sig_alg,
+                                    mbedtls_ssl_sig_alg_to_str( *sig_alg ) ) );
         if( ! mbedtls_ssl_sig_alg_is_supported( ssl, *sig_alg ) )
             continue;
         MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 7ac785e9f1..d470b707a2 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -935,7 +935,7 @@ static int ssl_tls13_select_sig_alg_for_certificate_verify(
     *algorithm = MBEDTLS_TLS1_3_SIG_NONE;
     for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; sig_alg++ )
     {
-        if( mbedtls_ssl_tls13_sig_alg_is_supported_for_certificate( *sig_alg) &&
+        if( mbedtls_ssl_tls13_sig_alg_is_supported_for_certificate( *sig_alg ) &&
             mbedtls_ssl_tls13_check_sig_alg_cert_key_match(
                                                         *sig_alg, own_key ) )
         {