diff --git a/src/ssl.c b/src/ssl.c
index d91b5f2ac..6e0c63db8 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -32179,6 +32179,11 @@ int wolfSSL_X509_check_host(X509 *x, const char *chk, size_t chklen,
     (void)flags;
     (void)peername;
 
+    if (flags == WOLFSSL_NO_WILDCARDS) {
+        WOLFSSL_MSG("X509_CHECK_FLAG_NO_WILDCARDS not yet implemented");
+        return WOLFSSL_FAILURE;
+    }
+
     InitDecodedCert(&dCert, x->derCert->buffer, x->derCert->length, NULL);
     ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL);
     if (ret != 0)
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index e30b203b6..10fe12811 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -708,6 +708,7 @@ enum {
 
 #define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
 #define X509_V_FLAG_NO_CHECK_TIME  WOLFSSL_NO_CHECK_TIME
+#define X509_CHECK_FLAG_NO_WILDCARDS WOLFSSL_NO_WILDCARDS
 
 #define SSL3_RANDOM_SIZE                 32 /* same as RAN_LEN in internal.h */
 #if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA)
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 4db2512c2..3c5c613ba 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -297,6 +297,7 @@ struct WOLFSSL_X509_STORE {
 #ifdef OPENSSL_EXTRA
 #define WOLFSSL_USE_CHECK_TIME 0x2
 #define WOLFSSL_NO_CHECK_TIME  0x200000
+#define WOLFSSL_NO_WILDCARDS   0x4
 struct WOLFSSL_X509_VERIFY_PARAM {
     time_t  check_time;
     unsigned long flags;