diff --git a/bin/tests/system/dnssec/tests_validation.py b/bin/tests/system/dnssec/tests_validation.py
index 777bb693b1..1122180eaa 100644
--- a/bin/tests/system/dnssec/tests_validation.py
+++ b/bin/tests/system/dnssec/tests_validation.py
@@ -408,7 +408,7 @@ def test_private_algorithms(ns4):
 isctest.check.noerror(res1)
 isctest.check.servfail(res2)
 watcher.wait_for_line(
- "No DNSKEY for extradsunknownoid.example/DS with PRIVATEOID"
+ "no DNSKEY matching DS"
 )
diff --git a/lib/dns/include/dns/validator.h b/lib/dns/include/dns/validator.h
index faa5ea1533..7676fe534b 100644
--- a/lib/dns/include/dns/validator.h
+++ b/lib/dns/include/dns/validator.h
@@ -150,6 +150,7 @@ struct dns_validator {
 bool digest_sha1;
 uint8_t unsupported_algorithm;
 uint8_t unsupported_digest;
+ uint8_t validation_attempts;
 dns_rdata_t rdata;
 bool resume;
 isc_counter_t *nvalidations;
diff --git a/lib/dns/validator.c b/lib/dns/validator.c
index 2e731a7576..ed2931b744 100644
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@@ -2089,6 +2089,8 @@ validate_dnskey_dsset(dns_validator_t *val) {
 }
 }
+ val->validation_attempts++;
+
 /*
 * Find the DNSKEY matching the DS...
 */
@@ -2113,6 +2115,12 @@ validate_dnskey_dsset(dns_validator_t *val) {
 val->name, key.algorithm, key.data, key.datalen)) {
+ /*
+ * Don't count the unsupported algorithm into the
+ * validation attempts.
+ */
+ val->validation_attempts--;
+
 if (val->unsupported_algorithm == 0) {
 val->unsupported_algorithm = key.algorithm;
 /*
@@ -2184,6 +2192,11 @@ validate_dnskey_dsset_next_done(void *arg) {
 return;
 }
+ if (val->validation_attempts != 0) {
+ val->unsupported_algorithm = 0;
+ val->unsupported_digest = 0;
+ }
+
 validate_dnskey_dsset_done(val, result);
 return;
 }
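Review bot: In tests_validation.py the new expected line `"no DNSKEY matching DS"` no longer names the zone, so any DS mismatch logged while the watcher is active would satisfy `wait_for_line`, not only the one for extradsunknownoid.example. If the log line carries the owner name, matching on it as well would keep the test tied to this case. A short comment above the call would also record why the message changed, for example `# a supported DS was tried and failed, so the unsupported PRIVATEOID DS must not turn the answer into anything but SERVFAIL`. That wording is inferred from the validator.c hunks in this commit and should be confirmed. The test function starts outside the hunk.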
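Review bot: In validator.h, `validation_attempts` is an undocumented `uint8_t` that validate_dnskey_dsset_next_done() only tests with `!= 0`, so an 8-bit wrap back to 0 would read as "nothing was tried" and leave the unsupported_* fields set. Whether one validator can reach 256 increments depends on limits that are not visible in this diff. Since only zero versus non-zero is consumed, a `bool` set once a supported DS/DNSKEY pair is actually tried would remove the wrap question. Otherwise saturate the counter and add a field comment such as `/* DS records tried with a supported digest and key algorithm */`.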
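Review bot: In the second validator.c hunk, `val->validation_attempts--;` is balanced against the single `val->validation_attempts++;` of the previous hunk only if this unsupported-algorithm branch runs at most once per call to validate_dnskey_dsset(). The branch and the enclosing key-matching code continue outside the hunk, so that cannot be confirmed here. If the branch can be reached for more than one DNSKEY, the unsigned counter could fall to 0 after an earlier genuine attempt, which would keep the unsupported_* markers alive, or wrap to 255. Counting at the point where verification with a supported key really starts, rather than increment-then-undo, would avoid the pairing requirement.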
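Review bot: In the last validator.c hunk the reset of `unsupported_algorithm` and `unsupported_digest` is applied only in validate_dnskey_dsset_next_done(), and it has no comment explaining why. If validate_dnskey_dsset_done() is also reachable from a path that does not pass through this function (not visible in the diff), a failed attempt on that path would still be reported with the unsupported_* fields set. Moving the reset into validate_dnskey_dsset_done(), or confirming this is its only caller, would close that gap. A comment such as `/* A supported DS was tried and failed: report a validation failure, not "unsupported algorithm/digest". */` above the `if` would record the intent. The function body starts outside the hunk.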