diff --git a/libfreerdp/crypto/x509_utils.c b/libfreerdp/crypto/x509_utils.c
index d4226b72e..60a3c07c3 100644
--- a/libfreerdp/crypto/x509_utils.c
+++ b/libfreerdp/crypto/x509_utils.c
@@ -614,112 +614,6 @@ out_free_issuer:
 	free(subject);
 }
 
-static BYTE* x509_utils_get_pem(const X509* xcert, const STACK_OF(X509) * chain, size_t* plength)
-{
-	int count = 0;
-	BOOL rc = FALSE;
-	BYTE* pemCert = NULL;
-
-	if (!xcert || !plength)
-		return NULL;
-
-	/**
-	 * Don't manage certificates internally, leave it up entirely to the external client
-	 * implementation
-	 */
-	BIO* bio = BIO_new(BIO_s_mem());
-
-	if (!bio)
-	{
-		WLog_ERR(TAG, "BIO_new() failure");
-		return NULL;
-	}
-
-	X509* wcert = WINPR_CAST_CONST_PTR_AWAY(xcert, X509*);
-	int status = PEM_write_bio_X509(bio, wcert);
-
-	if (status < 0)
-	{
-		WLog_ERR(TAG, "PEM_write_bio_X509 failure: %d", status);
-		goto fail;
-	}
-
-	if (chain)
-	{
-		count = sk_X509_num(chain);
-		for (int x = 0; x < count; x++)
-		{
-			X509* c = sk_X509_value(chain, x);
-			status = PEM_write_bio_X509(bio, c);
-			if (status < 0)
-			{
-				WLog_ERR(TAG, "PEM_write_bio_X509 failure: %d", status);
-				goto fail;
-			}
-		}
-	}
-
-	const size_t blocksize = 2048;
-	size_t offset = 0;
-	size_t length = blocksize;
-	pemCert = (BYTE*)malloc(length + 1);
-
-	if (!pemCert || (length > INT_MAX))
-	{
-		WLog_ERR(TAG, "error allocating pemCert");
-		goto fail;
-	}
-
-	while (offset < length)
-	{
-		size_t new_len = length + blocksize;
-		BYTE* new_cert = (BYTE*)realloc(pemCert, new_len + 1);
-
-		size_t diff = length - offset;
-		if (!new_cert)
-			goto fail;
-
-		length = new_len;
-		pemCert = new_cert;
-
-		ERR_clear_error();
-
-		if (diff > INT_MAX)
-			goto fail;
-
-		status = BIO_read(bio, &pemCert[offset], (int)diff);
-
-		if (status < 0)
-			break;
-
-		offset += (size_t)status;
-		if ((size_t)status < diff)
-			break;
-	}
-
-	if (status < 0)
-	{
-		WLog_ERR(TAG, "failed to read certificate");
-		goto fail;
-	}
-
-	length = offset;
-	pemCert[length] = '\0';
-	*plength = length;
-	rc = TRUE;
-fail:
-
-	if (!rc)
-	{
-		WLog_ERR(TAG, "Failed to extract PEM from certificate %p", xcert);
-		free(pemCert);
-		pemCert = NULL;
-	}
-
-	BIO_free_all(bio);
-	return pemCert;
-}
-
 X509* x509_utils_from_pem(const char* data, size_t len, BOOL fromFile)
 {
 	X509* x509 = NULL;