diff --git a/lib/ssl/ssl3ext.c b/lib/ssl/ssl3ext.c
index 9cfd541..eb3fb70 100644
--- a/lib/ssl/ssl3ext.c
+++ b/lib/ssl/ssl3ext.c
@@ -321,6 +321,10 @@ ssl3HelloExtensionSender clientHelloSendersTLS[SSL_MAX_EXTENSIONS] = {
     { ssl_cert_status_xtn,        &ssl3_ClientSendStatusRequestXtn },
     { ssl_signed_certificate_timestamp_xtn,
       &ssl3_ClientSendSignedCertTimestampXtn },
+    /* WebSphere Application Server 7.0 is intolerant to the last extension
+     * being zero-length. It is not intolerant of TLS 1.2, so ensure that
+     * signature_algorithms is at the end to guarantee a non-empty
+     * extension. */
     { ssl_signature_algorithms_xtn, &ssl3_ClientSendSigAlgsXtn },
     { ssl_tls13_draft_version_xtn, &ssl3_ClientSendDraftVersionXtn },
     { ssl_extended_master_secret_xtn,       &ssl3_SendExtendedMasterSecretXtn},
@@ -2546,9 +2550,11 @@ ssl3_CalculatePaddingExtensionLength(unsigned int clientHelloLength)
     }
 
     extensionLength = 512 - recordLength;
-    /* Extensions take at least four bytes to encode. */
-    if (extensionLength < 4) {
-        extensionLength = 4;
+    /* Extensions take at least four bytes to encode. Always include at least
+     * one byte of data if including the extension. WebSphere Application
+     * Server 7.0 is intolerant to the last extension being zero-length. */
+    if (extensionLength < 4 + 1) {
+        extensionLength = 4 + 1;
     }
 
     return extensionLength;