diff --git a/Telegram/SourceFiles/core/utils.cpp b/Telegram/SourceFiles/core/utils.cpp
index 160af3f77..241b12360 100644
--- a/Telegram/SourceFiles/core/utils.cpp
+++ b/Telegram/SourceFiles/core/utils.cpp
@@ -30,8 +30,6 @@ extern "C" {
 #include <time.h>
 #endif
 
-#include <QtNetwork/QSslSocket>
-
 uint64 _SharedMemoryLocation[4] = { 0x00, 0x01, 0x02, 0x03 };
 
 // Base types compile-time check
@@ -56,15 +54,6 @@ static_assert(sizeof(int) >= 4, "Basic types size check failed");
 
 // Precise timing functions / rand init
 
-struct CRYPTO_dynlock_value {
-	QMutex mutex;
-};
-
-namespace {
-	bool _sslInited = false;
-	QMutex *_sslLocks = nullptr;
-}
-
 namespace ThirdParty {
 
 	void start() {
@@ -94,45 +83,11 @@ namespace ThirdParty {
 				LOG(("MTP Error: Could not init OpenSSL rand, RAND_status() is 0..."));
 			}
 		}
-
-		// Force OpenSSL loading if it is linked in Qt,
-		// so that we won't mess with our OpenSSL locking with Qt OpenSSL locking.
-		auto sslSupported = QSslSocket::supportsSsl();
-		if (!sslSupported) {
-			LOG(("Error: current Qt build doesn't support SSL requests."));
-		}
-		if (!CRYPTO_get_locking_callback()) {
-			// Qt didn't initialize OpenSSL, so we will.
-			auto numLocks = CRYPTO_num_locks();
-			if (numLocks) {
-				_sslLocks = new QMutex[numLocks];
-				CRYPTO_set_locking_callback(_sslLockingCallback);
-			} else {
-				LOG(("MTP Error: Could not init OpenSSL threads, CRYPTO_num_locks() returned zero!"));
-			}
-		}
-		if (!CRYPTO_get_dynlock_create_callback()) {
-			CRYPTO_set_dynlock_create_callback(_sslCreateFunction);
-			CRYPTO_set_dynlock_lock_callback(_sslLockFunction);
-			CRYPTO_set_dynlock_destroy_callback(_sslDestroyFunction);
-		} else if (!CRYPTO_get_dynlock_lock_callback()) {
-			LOG(("MTP Error: dynlock_create callback is set without dynlock_lock callback!"));
-		}
-
-		_sslInited = true;
 	}
 
 	void finish() {
-		CRYPTO_cleanup_all_ex_data();
-#ifndef LIBRESSL_VERSION_NUMBER
 		FIPS_mode_set(0);
-#endif
-		ENGINE_cleanup();
 		CONF_modules_unload(1);
-		ERR_free_strings();
-		EVP_cleanup();
-
-		delete[] base::take(_sslLocks);
 
 		Platform::ThirdParty::finish();
 	}
diff --git a/Telegram/SourceFiles/mtproto/details/mtproto_rsa_public_key.cpp b/Telegram/SourceFiles/mtproto/details/mtproto_rsa_public_key.cpp
index a053a18ac..312c8b1dd 100644
--- a/Telegram/SourceFiles/mtproto/details/mtproto_rsa_public_key.cpp
+++ b/Telegram/SourceFiles/mtproto/details/mtproto_rsa_public_key.cpp
@@ -11,42 +11,6 @@ https://github.com/telegramdesktop/tdesktop/blob/master/LEGAL
 
 namespace MTP::details {
 namespace {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
-
-// This is a key setter for compatibility with OpenSSL 1.0
-int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) {
-	if ((r->n == nullptr && n == nullptr) || (r->e == nullptr && e == nullptr)) {
-		return 0;
-	}
-	if (n != nullptr) {
-		BN_free(r->n);
-		r->n = n;
-	}
-	if (e != nullptr) {
-		BN_free(r->e);
-		r->e = e;
-	}
-	if (d != nullptr) {
-		BN_free(r->d);
-		r->d = d;
-	}
-	return 1;
-}
-
-// This is a key getter for compatibility with OpenSSL 1.0
-void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) {
-	if (n != nullptr) {
-		*n = r->n;
-	}
-	if (e != nullptr) {
-		*e = r->e;
-	}
-	if (d != nullptr) {
-		*d = r->d;
-	}
-}
-
-#endif
 
 enum class Format {
 	RSAPublicKey,
@@ -168,7 +132,7 @@ bytes::vector RSAPublicKey::Private::encrypt(bytes::const_span data) const {
 	auto result = bytes::vector(kEncryptSize, gsl::byte{});
 	auto res = RSA_public_encrypt(kEncryptSize, reinterpret_cast<const unsigned char*>(data.data()), reinterpret_cast<unsigned char*>(result.data()), _rsa, RSA_NO_PADDING);
 	if (res < 0 || res > kEncryptSize) {
-		ERR_load_crypto_strings();
+		OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, nullptr);
 		LOG(("RSA Error: RSA_public_encrypt failed, key fp: %1, result: %2, error: %3").arg(fingerprint()).arg(res).arg(ERR_error_string(ERR_get_error(), 0)));
 		return {};
 	} else if (auto zeroBytes = kEncryptSize - res) {
@@ -186,7 +150,7 @@ bytes::vector RSAPublicKey::Private::decrypt(bytes::const_span data) const {
 	auto result = bytes::vector(kDecryptSize, gsl::byte{});
 	auto res = RSA_public_decrypt(kDecryptSize, reinterpret_cast<const unsigned char*>(data.data()), reinterpret_cast<unsigned char*>(result.data()), _rsa, RSA_NO_PADDING);
 	if (res < 0 || res > kDecryptSize) {
-		ERR_load_crypto_strings();
+		OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, nullptr);
 		LOG(("RSA Error: RSA_public_encrypt failed, key fp: %1, result: %2, error: %3").arg(fingerprint()).arg(res).arg(ERR_error_string(ERR_get_error(), 0)));
 		return {};
 	} else if (auto zeroBytes = kDecryptSize - res) {
@@ -209,7 +173,7 @@ bytes::vector RSAPublicKey::Private::encryptOAEPpadding(bytes::const_span data)
 		_rsa,
 		RSA_PKCS1_OAEP_PADDING);
 	if (encryptedSize != resultSize) {
-		ERR_load_crypto_strings();
+		OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS, nullptr);
 		LOG(("RSA Error: RSA_public_encrypt failed, "
 			"key fp: %1, result: %2, error: %3"
 			).arg(fingerprint()