--- a/cherokee/cryptor_libssl.c +++ a/cherokee/cryptor_libssl.c @@ -53,6 +53,8 @@ static DH *dh_param_1024 = NULL; static DH *dh_param_2048 = NULL; static DH *dh_param_4096 = NULL; +#include "cryptor_libssl_compat.h" + #include "cryptor_libssl_dh_512.c" #include "cryptor_libssl_dh_1024.c" #include "cryptor_libssl_dh_2048.c" @@ -238,13 +240,13 @@ cherokee_cryptor_libssl_find_vserver (SSL *ssl, /* SSL_set_SSL_CTX() only change certificates. We need to * changes more options by hand. */ - SSL_set_options(ssl, SSL_CTX_get_options(ssl->ctx)); + SSL_set_options(ssl, SSL_CTX_get_options(ctx)); if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) || (SSL_num_renegotiations(ssl) == 0)) { - SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ssl->ctx), - SSL_CTX_get_verify_callback(ssl->ctx)); + SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ctx), + SSL_CTX_get_verify_callback(ctx)); } return ret_ok; @@ -790,11 +792,13 @@ _socket_init_tls (cherokee_cryptor_socket_libssl_t *cryp, } #endif +#if OPENSSL_VERSION_NUMBER < 0x10100000L /* Disable Ciphers renegotiation (CVE-2009-3555) */ if (cryp->session->s3) { cryp->session->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS; } +#endif return ret_ok; } @@ -1330,10 +1334,15 @@ PLUGIN_INIT_NAME(libssl) (cherokee_plugin_loader_t *loader) /* Init OpenSSL */ - OPENSSL_config (NULL); +#if OPENSSL_VERSION_NUMBER < 0x10100000L + OPENSSL_config(NULL); SSL_library_init(); SSL_load_error_strings(); OpenSSL_add_all_algorithms(); +#else + OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL); + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); +#endif /* Ensure PRNG has been seeded with enough data */ --- a/cherokee/cryptor_libssl_compat.h +++ a/cherokee/cryptor_libssl_compat.h 
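Review bot: In cherokee_cryptor_libssl_find_vserver the options and verify settings are now read from the local `ctx` instead of the context attached to `ssl`, and nothing in the hunk shows that the two are the same object. `ctx` is assigned outside the hunk and is presumably the context just handed to SSL_set_SSL_CTX(); if so, a one-line comment saying that would help the next reader. Alternatively use the accessor, which keeps the old meaning exactly: `SSL_set_options(ssl, SSL_CTX_get_options(SSL_get_SSL_CTX(ssl)));`, and likewise for the two SSL_CTX_get_verify_* calls below it.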
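Review bot: On OpenSSL 1.1.0 and later the renegotiation hardening in _socket_init_tls is compiled out and nothing takes its place, so the CVE-2009-3555 comment now describes code that only older builds run. If the intent is still to refuse renegotiation, add an `#else` branch guarded by `#ifdef SSL_OP_NO_RENEGOTIATION` that calls `SSL_set_options(cryp->session, SSL_OP_NO_RENEGOTIATION);`. If the build instead relies on the library's own secure-renegotiation handling (RFC 5746), say so in a comment next to the `#if` so the omission reads as deliberate. The function body starts outside the hunk.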
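Review bot: The new 1.1.0+ branch in PLUGIN_INIT_NAME(libssl) ignores the return values of OPENSSL_init_crypto() and OPENSSL_init_ssl(), which return 0 on failure, so a failed library initialisation would go unnoticed until the first handshake. A check such as `if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL) != 1) { /* report and stop plugin init */ }` is enough, with the exit path matched to how the rest of this function reports errors, which is outside the hunk. The branch also drops the configuration load that `OPENSSL_config(NULL)` performs on the old path; adding `OPENSSL_INIT_LOAD_CONFIG` to the OPENSSL_init_crypto() flags would keep openssl.cnf settings in effect on both branches.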
@@ -0,0 +1,36 @@ +#if OPENSSL_VERSION_NUMBER < 0x10100000L +#include +#include + +int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +{ + /* If the fields p and g in d are NULL, the corresponding input + * parameters MUST be non-NULL. q may remain NULL. + */ + + if ((dh->p == NULL && p == NULL) + || (dh->g == NULL && g == NULL)) + return 0; + + if (p != NULL) { + BN_free(dh->p); + dh->p = p; + } + + if (q != NULL) { + BN_free(dh->q); + dh->q = q; + } + + if (g != NULL) { + BN_free(dh->g); + dh->g = g; + } + + if (q != NULL) { + dh->length = BN_num_bits(q); + } + + return 1; +} +#endif --- a/cherokee/cryptor_libssl_dh_1024.c +++ a/cherokee/cryptor_libssl_dh_1024.c @@ -2,9 +2,10 @@ #ifndef HEADER_DH_H #include #endif + static DH *get_dh1024() { - static unsigned char dh1024_p[]={ + static unsigned char dhp_1024[]={ 0x85,0x08,0xFF,0x6C,0xC1,0x0C,0x23,0x55,0xC5,0xF8,0x3D,0x47, 0x6F,0x23,0x36,0xDA,0x98,0xF3,0xE4,0x56,0xCD,0xA0,0xF3,0x02, 0x18,0xB0,0xCB,0xD2,0x92,0x4B,0xDC,0x76,0x2B,0x24,0x2B,0x20, @@ -17,16 +18,20 @@ static DH *get_dh1024() 0xF4,0xB8,0xB7,0x5B,0xEF,0x7E,0x06,0x43,0x2A,0x8E,0x33,0x69, 0x71,0x65,0x35,0xBF,0xCB,0xCD,0xB0,0x5B, }; - static unsigned char dh1024_g[]={ + static unsigned char dhg_1024[]={ 0x02, }; DH *dh; + BIGNUM *dhp_bn, *dhg_bn; if ((dh=DH_new()) == NULL) return(NULL); - dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL); - dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - DH_free(dh); return(NULL); + dhp_bn = BN_bin2bn(dhp_1024, sizeof (dhp_1024), NULL); + dhg_bn = BN_bin2bn(dhg_1024, sizeof (dhg_1024), NULL); + if (!DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { + DH_free(dh); + BN_free(dhp_bn); + BN_free(dhg_bn); + return(NULL); } return(dh); } --- a/cherokee/cryptor_libssl_dh_2048.c +++ a/cherokee/cryptor_libssl_dh_2048.c 
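Review bot: DH_set0_pqg is defined in this header with external linkage and the file has no include guard, so a second translation unit that includes it on a pre-1.1.0 build would fail to link with a duplicate symbol. As far as this diff shows it is included only from cryptor_libssl.c, so `static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)` plus the usual `#ifndef CHEROKEE_CRYPTOR_LIBSSL_COMPAT_H` guard would make that safe. The version test also assumes that every library reporting 0x10100000L or more has the 1.1 accessor API; LibreSSL reports 0x20000000L, so builds against LibreSSL releases that lack these accessors would presumably break and may need an additional `LIBRESSL_VERSION_NUMBER` test. In the function's comment, "in d" should read "in dh".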
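Review bot: The failure path in get_dh1024 frees dhp_bn and dhg_bn after DH_free(dh), which is safe only because DH_set0_pqg() takes ownership of nothing when it returns 0. That contract deserves a comment at the call, e.g. `/* DH_set0_pqg() owns p and g only on success; on failure they are still ours to free */`. The byte tables are never written, so `static const unsigned char dhp_1024[]` and `dhg_1024[]` would keep the group parameters in read-only data; BN_bin2bn() takes a const pointer. The identical code in get_dh2048, get_dh4096 and get_dh512 further down wants the same two changes. The function body starts outside the hunk.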
@@ -2,9 +2,10 @@ #ifndef HEADER_DH_H #include #endif + static DH *get_dh2048() { - static unsigned char dh2048_p[]={ + static unsigned char dhp_2048[]={ 0xC8,0xF1,0xD4,0x48,0xB6,0x11,0x5B,0x2B,0x9E,0x3D,0xE4,0x49, 0x0A,0xC4,0x8A,0x0B,0xFF,0xAC,0x09,0x4F,0x88,0x91,0x08,0xB8, 0x7D,0x71,0xB7,0x7D,0x87,0x44,0x09,0x70,0x15,0xFF,0x0C,0xAF, @@ -28,16 +29,20 @@ static DH *get_dh2048() 0x7C,0x83,0xB9,0x40,0x7A,0x2E,0xA4,0x1D,0x85,0x68,0x69,0x66, 0xF8,0xAA,0x70,0x6B, }; - static unsigned char dh2048_g[]={ + static unsigned char dhg_2048[]={ 0x02, }; DH *dh; + BIGNUM *dhp_bn, *dhg_bn; if ((dh=DH_new()) == NULL) return(NULL); - dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); - dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - DH_free(dh); return(NULL); + dhp_bn = BN_bin2bn(dhp_2048, sizeof (dhp_2048), NULL); + dhg_bn = BN_bin2bn(dhg_2048, sizeof (dhg_2048), NULL); + if (!DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { + DH_free(dh); + BN_free(dhp_bn); + BN_free(dhg_bn); + return(NULL); } return(dh); } --- a/cherokee/cryptor_libssl_dh_4096.c +++ a/cherokee/cryptor_libssl_dh_4096.c @@ -2,9 +2,10 @@ #ifndef HEADER_DH_H #include #endif + static DH *get_dh4096() { - static unsigned char dh4096_p[]={ + static unsigned char dhp_4096[]={ 0xD2,0xB2,0x5E,0x24,0x83,0x8E,0x04,0x17,0x39,0xAB,0x99,0x5A, 0xAB,0x0C,0x15,0x3C,0x95,0xE0,0xE4,0x48,0x3F,0xE4,0x22,0x48, 0xCA,0x19,0xCA,0xD0,0x9E,0xA7,0x09,0xD0,0x97,0x0F,0x31,0x49, 
@@ -49,16 +50,20 @@ static DH *get_dh4096() 0xE9,0xD3,0x8C,0x4A,0x7C,0x49,0x36,0x84,0xBF,0xD0,0xE0,0x45, 0x2C,0x74,0xC9,0x6D,0x09,0xDE,0xA1,0x33, }; - static unsigned char dh4096_g[]={ + static unsigned char dhg_4096[]={ 0x02, }; DH *dh; + BIGNUM *dhp_bn, *dhg_bn; if ((dh=DH_new()) == NULL) return(NULL); - dh->p=BN_bin2bn(dh4096_p,sizeof(dh4096_p),NULL); - dh->g=BN_bin2bn(dh4096_g,sizeof(dh4096_g),NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - DH_free(dh); return(NULL); + dhp_bn = BN_bin2bn(dhp_4096, sizeof (dhp_4096), NULL); + dhg_bn = BN_bin2bn(dhg_4096, sizeof (dhg_4096), NULL); + if (!DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { + DH_free(dh); + BN_free(dhp_bn); + BN_free(dhg_bn); + return(NULL); } return(dh); } --- a/cherokee/cryptor_libssl_dh_512.c +++ a/cherokee/cryptor_libssl_dh_512.c @@ -2,9 +2,10 @@ #ifndef HEADER_DH_H #include #endif + static DH *get_dh512() { - static unsigned char dh512_p[]={ + static unsigned char dhp_512[]={ 0xED,0x78,0x7E,0x95,0xB9,0x05,0xD5,0x00,0x38,0xC6,0x6B,0x49, 0x78,0x22,0x78,0x43,0x8D,0xCC,0xF9,0x83,0x18,0xBB,0x6E,0xFE, 0xCD,0x90,0xC3,0x84,0xA8,0x5C,0x04,0x84,0xEB,0x85,0x1D,0x5B, @@ -12,16 +13,20 @@ static DH *get_dh512() 0xA5,0xA7,0x10,0x7D,0x43,0x1B,0x6F,0xAD,0xA8,0xA1,0xB0,0xD3, 0xD9,0x23,0xD1,0x83, }; - static unsigned char dh512_g[]={ + static unsigned char dhg_512[]={ 0x02, }; DH *dh; + BIGNUM *dhp_bn, *dhg_bn; if ((dh=DH_new()) == NULL) return(NULL); - dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); - dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - DH_free(dh); return(NULL); + dhp_bn = BN_bin2bn(dhp_512, sizeof (dhp_512), NULL); + dhg_bn = BN_bin2bn(dhg_512, sizeof (dhg_512), NULL); + if (!DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) { + DH_free(dh); + BN_free(dhp_bn); + BN_free(dhg_bn); + return(NULL); } return(dh); }
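Review bot: get_dh512 is carried over to the new API unchanged, which keeps a 512-bit Diffie-Hellman group in a server that also ships 2048- and 4096-bit groups. A group of that size gives no meaningful protection to a key exchange, and the 1024-bit group in get_dh1024 is below current recommendations as well. Whether these two getters are still selected at run time is decided in cryptor_libssl.c outside the lines shown here, so that should be confirmed before porting them forward. If they must stay, a comment above each getter stating that the group is kept only for legacy clients and must not be chosen by default would make the risk visible to the next maintainer.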