diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c

index 19d3ec7..926e05e 100644

--- a/modules/ssl/mod_ssl.c

+++ b/modules/ssl/mod_ssl.c

@@ -295,9 +295,12 @@ static apr_status_t ssl_cleanup_pre_config(void *data)

 #endif

     ERR_remove_state(0);

-    /* Don't call ERR_free_strings here; ERR_load_*_strings only

-     * actually load the error strings once per process due to static

+    /* Don't call ERR_free_strings in earlier versions, ERR_load_*_strings only

+     * actually loaded the error strings once per process due to static

      * variable abuse in OpenSSL. */

+#if (OPENSSL_VERSION_NUMBER >= 0x00090805f)

+    ERR_free_strings();

+#endif

     /* Also don't call CRYPTO_cleanup_all_ex_data here; any registered

      * ex_data indices may have been cached in static variables in

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c

index 8425acb..508991e 100644

--- a/modules/ssl/ssl_engine_init.c

+++ b/modules/ssl/ssl_engine_init.c

@@ -1065,7 +1065,7 @@ static void ssl_init_server_certs(server_rec *s,

     const char *ecc_id;

     EC_GROUP *ecparams;

     int nid;

-    EC_KEY *eckey;

+    EC_KEY *eckey = NULL;

 #endif

     const char *vhost_id = mctx->sc->vhost_id;

     int i;

@@ -1151,10 +1151,11 @@ static void ssl_init_server_certs(server_rec *s,

 #if defined(SSL_CTX_set_ecdh_auto)

         SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1);

 #else

-        SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx,

-                             EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));

+        eckey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);

+        SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);

 #endif

     }

+    EC_KEY_free(eckey);

 #endif

 }