diff --git a/ChangeLog b/ChangeLog
index 805ffceaa4..28a7bbee37 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,7 @@ PolarSSL ChangeLog
 Bugfix
    * Secure renegotiation extension should only be sent in case client
      supports secure renegotiation
+   * Fixed offset for cert_type list in ssl_parse_certificate_request()
 
 = Version 1.2.7 released 2013-04-13
 Features
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7019ed07b8..e4a102b90f 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -951,7 +951,7 @@ static int ssl_parse_certificate_request( ssl_context *ssl )
         return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
     }
 
-    p = buf + 4;
+    p = buf + 5;
     while( cert_type_len > 0 )
     {
         if( *p == SSL_CERT_TYPE_RSA_SIGN )