diff --git a/libraries/libldap/tls_m.c b/libraries/libldap/tls_m.c
index 224b571842848ffff49f10dc60de43ebc823de21..32af7ec7c0a87d4613b9018d830fa8bfa90e0f4d 100644
--- a/libraries/libldap/tls_m.c
+++ b/libraries/libldap/tls_m.c
@@ -1030,10 +1030,12 @@ tlsm_auth_cert_handler(void *arg, PRFileDesc *fd,
 {
 	SECCertificateUsage certUsage = isServer ? certificateUsageSSLClient : certificateUsageSSLServer;
 	SECStatus ret = SECSuccess;
+	CERTCertificate *peercert = SSL_PeerCertificate( fd );
 
-	ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, SSL_PeerCertificate( fd ),
+	ret = tlsm_verify_cert( (CERTCertDBHandle *)arg, peercert,
 							SSL_RevealPinArg( fd ),
 							checksig, certUsage, 0 );
+	CERT_DestroyCertificate( peercert );
 
 	return ret;
 }