--- a/src/tls.c
+++ b/src/tls.c
@@ -45,6 +45,10 @@
 # include <openssl/err.h>
 # include <openssl/rand.h>
 # include <openssl/evp.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define X509_getm_notBefore X509_get_notBefore
+#define X509_getm_notAfter X509_get_notAfter
+#endif
 #endif /* HAVE_LIBSSL */
 
 #ifdef HAVE_LIBIDN
@@ -167,8 +171,10 @@ int tls_lib_init(char **errstr)
 #ifdef HAVE_LIBSSL
     int e;
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
     SSL_load_error_strings();
     SSL_library_init();
+#endif
     if ((e = seed_prng(errstr)) != TLS_EOK)
     {
         return e;
@@ -518,7 +524,7 @@ int tls_cert_info_get(tls_t *tls, tls_cert_info_t *tci, char **errstr)
         *errstr = xasprintf(_("%s: error getting SHA1 fingerprint"), errmsg);
         return TLS_ECERT;
     }
-    asn1time = X509_get_notBefore(x509cert);
+    asn1time = X509_getm_notBefore(x509cert);
     if (asn1time_to_time_t((char *)asn1time->data,
                 (asn1time->type != V_ASN1_GENERALIZEDTIME),
                 &(tci->activation_time)) != 0)
@@ -528,7 +534,7 @@ int tls_cert_info_get(tls_t *tls, tls_cert_info_t *tci, char **errstr)
         tls_cert_info_free(tci);
         return TLS_ECERT;
     }
-    asn1time = X509_get_notAfter(x509cert);
+    asn1time = X509_getm_notAfter(x509cert);
     if (asn1time_to_time_t((char *)asn1time->data,
                 (asn1time->type != V_ASN1_GENERALIZEDTIME),
                 &(tci->expiration_time)) != 0)