diff --git a/ChangeLog.d/bugfix_PR2855.txt b/ChangeLog.d/bugfix_PR2855.txt
new file mode 100644
index 000000000..a09732181
--- /dev/null
+++ b/ChangeLog.d/bugfix_PR2855.txt
@@ -0,0 +1,2 @@
+Bugfix
+ * Remove dead code in X.509 certificate parsing. Contributed by irwir in #2855.
\ No newline at end of file
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 1e62ed5b0..51e6aac42 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -652,10 +652,6 @@ static int x509_get_subject_alt_name( unsigned char **p,
 mbedtls_x509_subject_alternative_name dummy_san_buf;
 memset( &dummy_san_buf, 0, sizeof( dummy_san_buf ) );
- if( ( end - *p ) < 1 )
- return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
- MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-
 tag = **p;
 (*p)++;
 if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
@@ -669,7 +665,7 @@ static int x509_get_subject_alt_name( unsigned char **p,
 }
 /*
- * Check that the SAN are structured correct.
+ * Check that the SAN is structured correctly.
 */
 ret = mbedtls_x509_parse_subject_alt_name( &(cur->buf), &dummy_san_buf );
 /*
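Review bot: With the `( end - *p ) < 1` check removed in the first x509_crt.c hunk, the read `tag = **p;` has no local bounds guard, so its safety rests on a condition outside this hunk. Presumably the enclosing loop only iterates while `*p < end`, which is what the ChangeLog's "dead code" wording implies, but that should be confirmed against the full file because the body of x509_get_subject_alt_name starts and ends outside the hunk. I would record the invariant at the read, e.g. `/* The loop condition guarantees *p < end, so one tag byte is readable here. */`, so that a later change to the loop does not silently turn this into a one-byte over-read while parsing an untrusted certificate. A regression test with a SubjectAltName sequence that ends exactly where the next GeneralName tag would start would pin the behaviour.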