diff --git a/lib/rsa.c b/lib/rsa.c
index 63fdd1a..7cca150 100644
--- a/lib/rsa.c
+++ b/lib/rsa.c
@@ -11,13 +11,54 @@
 #include "rsa.h"
 #include "utils.h"
 
+/* Forward compatibility functions if libssl < 1.1.0. */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+{
+
+   /* If the fields n and e in r are NULL, the corresponding input
+    * parameters MUST be non-NULL for n and e.  d may be
+    * left NULL (in case only the public key is used).
+    */
+   if ((r->n == NULL && n == NULL)
+       || (r->e == NULL && e == NULL))
+       return 0;
+   if (n != NULL) {
+       BN_free(r->n);
+       r->n = n;
+   }
+   if (e != NULL) {
+       BN_free(r->e);
+       r->e = e;
+   }
+   if (d != NULL) {
+       BN_free(r->d);
+       r->d = d;
+   }
+   return 1;
+}
+
+void RSA_get0_key(const RSA *r,
+                 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+   
+   if (n != NULL)
+       *n = r->n;
+   if (e != NULL)
+       *e = r->e;
+   if (d != NULL)
+       *d = r->d;
+}
+#endif
+
 RSA*
 private_key_to_pub(RSA *priv)
 {
     RSA *pub = RSA_new();
+    const BIGNUM *n, *e; 
 
-    pub->n = BN_dup(priv->n);
-    pub->e = BN_dup(priv->e);
+    RSA_get0_key (priv, &n, &e, NULL);
+    RSA_set0_key (pub, BN_dup(n), BN_dup(e), NULL); 
 
     return pub;
 }
@@ -28,18 +69,21 @@ GString* public_key_to_gstring(const RSA *rsa)
     GString *buf = g_string_new(NULL);
     unsigned char *temp;
     char *coded;
+    const BIGNUM *n, *e;
+
+    RSA_get0_key (rsa, &n, &e, NULL);
+    gsize len = BN_num_bytes(n);
 
-    gsize len = BN_num_bytes(rsa->n);
     temp = malloc(len);
-    BN_bn2bin(rsa->n, temp);
+    BN_bn2bin(n, temp);
     coded = g_base64_encode(temp, len);
     g_string_append (buf, coded);
     g_string_append_c (buf, ' ');
     g_free(coded);
     
-    len = BN_num_bytes(rsa->e);
+    len = BN_num_bytes(e);
     temp = realloc(temp, len);
-    BN_bn2bin(rsa->e, temp);
+    BN_bn2bin(e, temp);
     coded = g_base64_encode(temp, len);
     g_string_append (buf, coded);
     g_free(coded);
@@ -54,18 +98,20 @@ public_key_append_to_gstring(const RSA *rsa, GString *buf)
 {
     unsigned char *temp;
     char *coded;
+    const BIGNUM *n, *e;
 
-    gsize len = BN_num_bytes(rsa->n);
+    RSA_get0_key (rsa, &n, &e, NULL);
+    gsize len = BN_num_bytes(n);
     temp = malloc(len);
-    BN_bn2bin(rsa->n, temp);
+    BN_bn2bin(n, temp);
     coded = g_base64_encode(temp, len);
     g_string_append (buf, coded);
     g_string_append_c (buf, ' ');
     g_free(coded);
     
-    len = BN_num_bytes(rsa->e);
+    len = BN_num_bytes(e);
     temp = realloc(temp, len);
-    BN_bn2bin(rsa->e, temp);
+    BN_bn2bin(e, temp);
     coded = g_base64_encode(temp, len);
     g_string_append (buf, coded);
     g_free(coded);
@@ -78,6 +124,8 @@ RSA* public_key_from_string(char *str)
     char *p;
     unsigned char *num;
     gsize len;
+    BIGNUM *n = NULL, *e = NULL;
+
     if (!str)
         return NULL;
 
@@ -88,22 +136,28 @@ RSA* public_key_from_string(char *str)
     RSA *key = RSA_new();
 
     num = g_base64_decode(str, &len);
-    key->n = BN_bin2bn(num, len, NULL);
-    if (!key->n)
+    n = BN_bin2bn(num, len, NULL);
+    if (!n)
         goto err;
     g_free(num);
     
     num = g_base64_decode(p+1, &len);
-    key->e = BN_bin2bn(num, len, NULL);
-    if (!key->e)
+    e = BN_bin2bn(num, len, NULL);
+    if (!e)
         goto err;
     g_free(num);
 
+    RSA_set0_key (key, n, e, NULL);
+
     *p = ' ';
     return key;
 err:
     *p = ' ';
     RSA_free (key);
+    if (n)
+        BN_free (n);
+    if (e)
+        BN_free (e);
     g_free(num);
     return NULL;
 }
diff --git a/lib/utils.c b/lib/utils.c
index 9a73b78..d0d4b9e 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -1053,14 +1053,14 @@ ccnet_encrypt_with_key (char **data_out,
         return -1;
     }
 
-    EVP_CIPHER_CTX ctx;
+    EVP_CIPHER_CTX *ctx;
     int ret;
     int blks;
 
     /* Prepare CTX for encryption. */
-    EVP_CIPHER_CTX_init (&ctx);
+    ctx = EVP_CIPHER_CTX_new ();
 
-    ret = EVP_EncryptInit_ex (&ctx,
+    ret = EVP_EncryptInit_ex (ctx,
                               EVP_aes_256_cbc(), /* cipher mode */
                               NULL, /* engine, NULL for default */
                               key,  /* derived key */
@@ -1068,6 +1068,7 @@ ccnet_encrypt_with_key (char **data_out,
 
     if (ret == ENC_FAILURE) {
         g_warning ("error init\n");
+	EVP_CIPHER_CTX_free (ctx);
         return -1;
     }
 
@@ -1089,7 +1090,7 @@ ccnet_encrypt_with_key (char **data_out,
     int update_len, final_len;
 
     /* Do the encryption. */
-    ret = EVP_EncryptUpdate (&ctx,
+    ret = EVP_EncryptUpdate (ctx,
                              (unsigned char*)*data_out,
                              &update_len,
                              (unsigned char*)data_in,
@@ -1100,7 +1101,7 @@ ccnet_encrypt_with_key (char **data_out,
     }
 
     /* Finish the possible partial block. */
-    ret = EVP_EncryptFinal_ex (&ctx,
+    ret = EVP_EncryptFinal_ex (ctx,
                                (unsigned char*)*data_out + update_len,
                                &final_len);
     *out_len = update_len + final_len;
@@ -1109,11 +1110,11 @@ ccnet_encrypt_with_key (char **data_out,
         goto enc_error;
     }
 
-    EVP_CIPHER_CTX_cleanup (&ctx);
+    EVP_CIPHER_CTX_free (ctx);
     return 0;
 
 enc_error:
-    EVP_CIPHER_CTX_cleanup (&ctx);
+    EVP_CIPHER_CTX_free (ctx);
     *out_len = -1;
     if (*data_out != NULL)
         g_free (*data_out);
@@ -1138,23 +1139,24 @@ ccnet_decrypt_with_key (char **data_out,
         return -1;
     }
 
-    EVP_CIPHER_CTX ctx;
+    EVP_CIPHER_CTX *ctx;
     int ret;
 
     *data_out = NULL;
     *out_len = -1;
 
     /* Prepare CTX for decryption. */
-    EVP_CIPHER_CTX_init (&ctx);
-    ret = EVP_DecryptInit_ex (&ctx,
+    ctx = EVP_CIPHER_CTX_new (); 
+    ret = EVP_DecryptInit_ex (ctx,
                               EVP_aes_256_cbc(), /* cipher mode */
                               NULL, /* engine, NULL for default */
                               key,  /* derived key */
                               iv);  /* initial vector */
 
-    if (ret == DEC_FAILURE)
+    if (ret == DEC_FAILURE) {
+        EVP_CIPHER_CTX_free (ctx); 
         return -1;
-
+    }
     /* Allocating output buffer. */
     *data_out = (char *)g_malloc (in_len);
     if (*data_out == NULL) {
@@ -1165,7 +1167,7 @@ ccnet_decrypt_with_key (char **data_out,
     int update_len, final_len;
 
     /* Do the decryption. */
-    ret = EVP_DecryptUpdate (&ctx,
+    ret = EVP_DecryptUpdate (ctx,
                              (unsigned char*)*data_out,
                              &update_len,
                              (unsigned char*)data_in,
@@ -1174,7 +1176,7 @@ ccnet_decrypt_with_key (char **data_out,
         goto dec_error;
 
     /* Finish the possible partial block. */
-    ret = EVP_DecryptFinal_ex (&ctx,
+    ret = EVP_DecryptFinal_ex (ctx,
                                (unsigned char*)*data_out + update_len,
                                &final_len);
     *out_len = update_len + final_len;
@@ -1182,11 +1184,11 @@ ccnet_decrypt_with_key (char **data_out,
     if (ret == DEC_FAILURE || *out_len > in_len)
         goto dec_error;
 
-    EVP_CIPHER_CTX_cleanup (&ctx);
+    EVP_CIPHER_CTX_free (ctx); 
     return 0;
 
 dec_error:
-    EVP_CIPHER_CTX_cleanup (&ctx);
+    EVP_CIPHER_CTX_free (ctx); 
     *out_len = -1;
     if (*data_out != NULL)
         g_free (*data_out);
diff --git a/tools/ccnet-init.c b/tools/ccnet-init.c
index 229c993..4748962 100644
--- a/tools/ccnet-init.c
+++ b/tools/ccnet-init.c
@@ -162,7 +162,7 @@ main(int argc, char **argv)
 
     config_dir = ccnet_expand_path (config_dir);
     /* printf("[conf_dir=%s\n]", config_dir); */
-    SSLeay_add_all_algorithms();
+    OpenSSL_add_all_algorithms();  
 
     if (RAND_status() != 1) {   /* it should be seeded automatically */
         fprintf(stderr, "PRNG is not seeded\n");