diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index 66c30ff09..e4e5261eb 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -48,6 +48,10 @@
 #include
 #endif
+#if defined(USE_OPENSSL_AWSLC)
+#define OPENSSL_NO_DH
+#endif
+
 #if defined(LIBRESSL_VERSION_NUMBER)
 /* LibreSSL is a fork of OpenSSL 1.0.1g but pretends to be 2.0.0, thus
@@ -70,7 +74,7 @@
 #define HAVE_SSL_EXTRACT_RANDOM
 #endif
-#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER))
+#if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(OPENSSL_IS_BORINGSSL) && !defined(USE_OPENSSL_AWSLC) && !defined(LIBRESSL_VERSION_NUMBER))
 #define HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN
 #endif
@@ -119,7 +123,7 @@
 #endif
-#if defined(SSL_CTX_set_security_level) || HA_OPENSSL_VERSION_NUMBER >= 0x1010100fL
+#if (defined(SSL_CTX_set_security_level) || HA_OPENSSL_VERSION_NUMBER >= 0x1010100fL) && !defined(USE_OPENSSL_AWSLC)
 #define HAVE_SSL_SET_SECURITY_LEVEL
 #endif
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e5eb746cf..acfa15b26 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2560,10 +2560,12 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const struct ckch_data *data,
 }
 }
 else {
+#ifndef OPENSSL_NO_DH
 #if (HA_OPENSSL_VERSION_NUMBER < 0x3000000fL)
 SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh_cbk);
 #else
 ssl_sock_set_tmp_dh_from_pkey(ctx, data ? data->key : NULL);
+#endif
 #endif
 }
 }
@@ -6945,7 +6947,7 @@ static void __ssl_sock_init(void)
 #ifdef HAVE_SSL_PROVIDERS
 hap_register_post_deinit(ssl_unload_providers);
 #endif
-#if HA_OPENSSL_VERSION_NUMBER < 0x3000000fL
+#if (HA_OPENSSL_VERSION_NUMBER < 0x3000000fL) && !defined(USE_OPENSSL_AWSLC)
 /* Load SSL string for the verbose & debug mode. */
 ERR_load_SSL_strings();
 #endif
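Review bot: `#define OPENSSL_NO_DH` is added in the first hunk of openssl-compat.h with neither a guard nor a comment, and it sits below the `#include`/`#endif` context lines, so it can only affect code after this point. If the library headers already define the macro with a different body, the compiler will report a redefinition; wrapping it in `#ifndef OPENSSL_NO_DH` avoids that. A comment such as `/* AWS-LC: build without DH support, DHE key exchange is not offered */` would record that this turns off a TLS key-exchange family rather than only fixing the build. Whether DH-related configuration keywords warn in such a build is not visible in this diff.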
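Review bot: The `HAVE_SSL_RAND_KEEP_RANDOM_DEVICES_OPEN` gate (hunk at -70) tests the build-system flag `USE_OPENSSL_AWSLC`, while the neighbouring terms test macros that the library headers themselves provide (`OPENSSL_IS_BORINGSSL`, `LIBRESSL_VERSION_NUMBER`). A build against AWS-LC headers without that flag would therefore enable the feature macro again. If the library exposes its own identification macro (AWS-LC's headers define `OPENSSL_IS_AWSLC`, as far as I know), testing it here would make the gate independent of how the build was invoked. The same applies to the `HAVE_SSL_SET_SECURITY_LEVEL` gate in the next hunk and to the `ERR_load_SSL_strings()` gate in `__ssl_sock_init`.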
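Review bot: Excluding AWS-LC from `HAVE_SSL_SET_SECURITY_LEVEL` (hunk at -119) is undocumented, and it has security consequences an operator should be able to find. Every use of this macro is outside the diff, but code keyed on it is compiled out, so a configured security level presumably stops being applied with this library. A comment above the `#if` would help, for example `/* AWS-LC: no SSL_CTX_set_security_level(); security-level settings are not enforced */`, once the reason is confirmed. It is also worth checking that the affected code paths reject or warn about the setting rather than silently ignoring it.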
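Review bot: With `OPENSSL_NO_DH` defined, the `else` body in `ssl_sock_load_dh_params` compiles to nothing, so this fallback path installs no DH parameters and gives no indication of that. The two consecutive `#endif` lines that close it are also unlabelled. Labelling them `#endif /* HA_OPENSSL_VERSION_NUMBER < 0x3000000fL */` and `#endif /* !OPENSSL_NO_DH */` would help, as would a short comment in the branch saying that no temporary DH parameters are set when DH is compiled out. The function begins and ends outside the hunk, so whether the earlier branches that load DH parameters are guarded the same way cannot be checked from here.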