diff --git a/port/esp_idf/transport/http/client.c b/port/esp_idf/transport/http/client.c
index 8948f3d6..a6cf56cd 100644
--- a/port/esp_idf/transport/http/client.c
+++ b/port/esp_idf/transport/http/client.c
@@ -103,7 +103,13 @@ static esp_err_t pouch_server_cert_response_callback(esp_http_client_event_t *ev
     if (!esp_http_client_is_chunked_response(evt->client))
     {
 
-        if (sync->server_cert.pos + evt->data_len > sizeof(sync->server_cert.cert_buf))
+        if (evt->data_len <= 0)
+        {
+            ESP_LOGE(TAG, "No data in chunk");
+            return ESP_ERR_INVALID_SIZE;
+        }
+
+        if (sync->server_cert.pos + (size_t) evt->data_len > sizeof(sync->server_cert.cert_buf))
         {
             ESP_LOGE(TAG, "Server cert too large for buffer");
             return ESP_ERR_NO_MEM;
diff --git a/port/zephyr/transport/http/client.c b/port/zephyr/transport/http/client.c
index 7884feaa..0804e062 100644
--- a/port/zephyr/transport/http/client.c
+++ b/port/zephyr/transport/http/client.c
@@ -103,6 +103,12 @@ static int pouch_server_cert_response_callback(struct http_response *rsp,
 
     struct get_server_cert_context *ctx = user_data;
 
+    if (0 == rsp->body_frag_len)
+    {
+        LOG_ERR("No data in chunk");
+        return -EINVAL;
+    }
+
     if (ctx->pos + rsp->body_frag_len > sizeof(ctx->cert_buf))
     {
         LOG_ERR("Server cert too large for buffer");