diff --git a/modules/dtls_gw/rtpp_dtls_conn.c b/modules/dtls_gw/rtpp_dtls_conn.c
index cc8d28eed..e5519ba5c 100644
--- a/modules/dtls_gw/rtpp_dtls_conn.c
+++ b/modules/dtls_gw/rtpp_dtls_conn.c
@@ -286,10 +286,10 @@ rtpp_dtls_conn_setmode(struct rtpp_dtls_conn *self,
           pvt->state);
         goto failed;
     }
-    if (rdfsp->algorithm->len != FP_DIGEST_ALG_LEN ||
-      memcmp(rdfsp->algorithm->s, FP_DIGEST_ALG, FP_DIGEST_ALG_LEN) != 0) {
+    if (rdfsp->algorithm.len != FP_DIGEST_ALG_LEN ||
+      memcmp(rdfsp->algorithm.s, FP_DIGEST_ALG, FP_DIGEST_ALG_LEN) != 0) {
         RTPP_LOG(RTPP_MOD_SELF.log, RTPP_LOG_ERR, "unsupported fingerprint "
-          "algorithm: \"%.*s\"", FMTSTR(rdfsp->algorithm));
+          "algorithm: \"%.*s\"", FMTSTR(&rdfsp->algorithm));
         goto failed;
     }
     if (rdfsp->fingerprint->len != FP_FINGERPRINT_STR_LEN) {
@@ -297,7 +297,7 @@ rtpp_dtls_conn_setmode(struct rtpp_dtls_conn *self,
           "length: \"%lu\"", rdfsp->fingerprint->len);
         goto failed;
     }
-    sprintf(pvt->fingerprint, "%.*s %.*s", FMTSTR(rdfsp->algorithm),
+    sprintf(pvt->fingerprint, "%.*s %.*s", FMTSTR(&rdfsp->algorithm),
       FMTSTR(rdfsp->fingerprint));
     if (rdfsp->ssrc != NULL) {
         uint32_t ssrc = strtoul(rdfsp->ssrc->s, &ep, 10);
diff --git a/modules/dtls_gw/rtpp_dtls_conn.h b/modules/dtls_gw/rtpp_dtls_conn.h
index cece4a077..cc2bf09dd 100644
--- a/modules/dtls_gw/rtpp_dtls_conn.h
+++ b/modules/dtls_gw/rtpp_dtls_conn.h
@@ -40,9 +40,10 @@ enum rtpp_dtls_mode {
 
 struct rdc_peer_spec {
     enum rtpp_dtls_mode peer_mode;
-    const rtpp_str_t *algorithm;
+    rtpp_str_const_t algorithm;
     const rtpp_str_t *fingerprint;
     const rtpp_str_t *ssrc;
+    char alg_buf[FP_DIGEST_ALG_LEN];
 };
 
 DEFINE_METHOD(rtpp_dtls_conn, rtpp_dtls_conn_dtls_recv, void,
diff --git a/modules/dtls_gw/rtpp_dtls_gw.c b/modules/dtls_gw/rtpp_dtls_gw.c
index 6416e97d8..f74c8142c 100644
--- a/modules/dtls_gw/rtpp_dtls_gw.c
+++ b/modules/dtls_gw/rtpp_dtls_gw.c
@@ -75,6 +75,7 @@
 #include "advanced/pproc_manager.h"
 
 #include "rtpp_dtls.h"
+#include "rtpp_dtls_util.h"
 #include "rtpp_dtls_conn.h"
 
 struct rtpp_module_priv {
@@ -331,7 +332,15 @@ rtpp_dtls_gw_handle_command(struct rtpp_module_priv *pvt,
     switch (rdg_cmd) {
     case RDG_CMD_A:
     case RDG_CMD_P:
-        rdfs.algorithm = &argv[1];
+        rtpp_str_dup2(&argv[1], &rdfs.algorithm);
+        if (rdfs.algorithm.len > sizeof(rdfs.alg_buf))
+            goto invalalg;
+        for (int i = 0; i < rdfs.algorithm.len; i++) {
+            rdfs.alg_buf[i] = rdfs.algorithm.s[i];
+            if (rdfs.alg_buf[i] >= 'a')
+                rdfs.alg_buf[i] -= ('a' - 'A');
+        }
+        rdfs.algorithm.s = rdfs.alg_buf;
         rdfs.fingerprint = &argv[2];
         rdfs.ssrc = (argc == 4) ? &argv[3] : NULL;
         rdfsp = &rdfs;
@@ -436,6 +445,10 @@ rtpp_dtls_gw_handle_command(struct rtpp_module_priv *pvt,
     RTPP_OBJ_DECREF(rtps_c);
     return (0);
 
+invalalg:
+    RTPP_LOG(RTPP_MOD_SELF.log, RTPP_LOG_ERR, "invalid algorithm: \"%s\"",
+      argv[1].s);
+    return (-1);
 invalmode:
     RTPP_LOG(RTPP_MOD_SELF.log, RTPP_LOG_ERR, "invalid mode: \"%s\"",
       argv[0].s);
diff --git a/modules/dtls_gw/rtpp_dtls_util.h b/modules/dtls_gw/rtpp_dtls_util.h
index f1e4914c6..fb9c26747 100644
--- a/modules/dtls_gw/rtpp_dtls_util.h
+++ b/modules/dtls_gw/rtpp_dtls_util.h
@@ -32,4 +32,6 @@
   FP_FINGERPRINT_STR_LEN)
 #define FP_DIGEST_STRBUF_LEN (FP_DIGEST_STR_LEN + 1)
 
+typedef struct x509_st X509;
+
 int rtpp_dtls_fp_gen(const X509 *, char *, int);