diff --git a/sw/host/provisioning/ft_lib/src/lib.rs b/sw/host/provisioning/ft_lib/src/lib.rs
index b95c9b26767f9..b501804487214 100644
--- a/sw/host/provisioning/ft_lib/src/lib.rs
+++ b/sw/host/provisioning/ft_lib/src/lib.rs
@@ -440,19 +440,21 @@ fn provision_certificates(
 
     // Validate the certificate endorsements with OpenSSL.
     // TODO(lowRISC/opentitan:#24281): Add CWT verifier
-    log::info!("Validating DICE certificate chain with OpenSSL ...");
-    validate_cert_chain(ca_certificate.to_str().unwrap(), &dice_cert_chain)?;
-    log::info!("Success.");
-    log::info!("Validating SKU-specific certificates with OpenSSL ...");
+    if !dice_cert_chain.is_empty() {
+        log::info!("Validating DICE certificate chain with OpenSSL ...");
+        validate_cert_chain(ca_certificate.to_str().unwrap(), &dice_cert_chain)?;
+        log::info!("Success.");
+    }
     if !sku_specific_certs.is_empty() {
+        log::info!("Validating SKU-specific certificates with OpenSSL ...");
         for sku_specific_cert in sku_specific_certs.iter() {
             validate_cert_chain(
                 ca_certificate.to_str().unwrap(),
                 &[sku_specific_cert.clone()],
             )?;
         }
+        log::info!("Success.");
     }
-    log::info!("Success.");
 
     Ok(())
 }