diff --git a/changelogs/fragments/community.cryto-180-openssl-csr-basic-constraint.yml b/changelogs/fragments/community.cryto-180-openssl-csr-basic-constraint.yml
new file mode 100644
index 00000000000..4afe2c5a5fe
--- /dev/null
+++ b/changelogs/fragments/community.cryto-180-openssl-csr-basic-constraint.yml
@@ -0,0 +1,3 @@
+---
+bugfixes:
+  - "openssl_csr - no longer fails when comparing CSR without basic constraint when ``basic_constraints`` is specified (https://github.com/ansible-collections/community.crypto/issues/179, https://github.com/ansible-collections/community.crypto/pull/180)."
diff --git a/lib/ansible/modules/crypto/openssl_csr.py b/lib/ansible/modules/crypto/openssl_csr.py
index c045f2594dd..e2ffe38e023 100644
--- a/lib/ansible/modules/crypto/openssl_csr.py
+++ b/lib/ansible/modules/crypto/openssl_csr.py
@@ -911,9 +911,9 @@ class CertificateSigningRequestCryptography(CertificateSigningRequestBase):
                 return False
             # Check criticality
             if self.basicConstraints:
-                if bc_ext.critical != self.basicConstraints_critical:
-                    return False
-            return True
+                return bc_ext is not None and bc_ext.critical == self.basicConstraints_critical
+            else:
+                return bc_ext is None
 
         def _check_ocspMustStaple(extensions):
             try: