diff --git a/CMakeLists.txt b/CMakeLists.txt
index 963cd007..c6638683 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -12,7 +12,7 @@ IF(COMMAND CMAKE_POLICY)
       IF(POLICY ${P})
         CMAKE_POLICY(SET ${P} ${TYPE})
       ENDIF()
-    ENDFOREACH()   
+    ENDFOREACH()
   ENDFOREACH()
 ENDIF()
 
@@ -61,6 +61,7 @@ ADD_OPTION(WITH_DYNCOL "Enables support of dynamic coluumns" ON)
 ADD_OPTION(WITH_EXTERNAL_ZLIB "Enables use of external zlib" OFF)
 ADD_OPTION(WITH_CURL "Enables use of curl" ON)
 ADD_OPTION(WITH_SQLITE "Experimental" OFF)
+ADD_OPTION(WITH_SSL "Enables use of TLS/SSL library" ON)
 MARK_AS_ADVANCED(${OPT}WITH_SQLITE)
 ###############
 
@@ -122,7 +123,7 @@ IF(MSVC)
           ELSE()
             STRING(REPLACE "/Zi" "/Z7" COMPILER_FLAGS ${COMPILER_FLAGS})
           ENDIF()
-          MESSAGE (STATUS "CMAKE_${COMPILER}_FLAGS_${BUILD_TYPE}= ${COMPILER_FLAGS}") 
+          MESSAGE (STATUS "CMAKE_${COMPILER}_FLAGS_${BUILD_TYPE}= ${COMPILER_FLAGS}")
           SET(CMAKE_${COMPILER}_FLAGS_${BUILD_TYPE} ${COMPILER_FLAGS})
         ENDIF()
       ENDFOREACH()
@@ -131,7 +132,7 @@ IF(MSVC)
 ENDIF()
 ENDIF(NOT IS_SUBPROJECT)
 
-# Disable dbug information for release builds 
+# Disable dbug information for release builds
 SET(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -DDBUG_OFF")
 SET(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -DDBUG_OFF")
 SET(CMAKE_C_FLAGS_RELWITHDEBINFO "${CMAKE_C_FLAGS_RELWITHDEBINFO} -DDBUG_OFF")
@@ -231,7 +232,7 @@ INCLUDE(${CC_SOURCE_DIR}/cmake/CheckFunctions.cmake)
 # check for various types
 INCLUDE(${CC_SOURCE_DIR}/cmake/CheckTypes.cmake)
 
-IF(NOT WITH_SSL OR WITH_SSL STREQUAL "OFF")
+IF(WITH_SSL STREQUAL "ON")
   IF(WIN32)
     SET(WITH_SSL "SCHANNEL")
   ELSE()
diff --git a/libmariadb/mariadb_lib.c b/libmariadb/mariadb_lib.c
index 15d6c6c8..e2a9a7d0 100644
--- a/libmariadb/mariadb_lib.c
+++ b/libmariadb/mariadb_lib.c
@@ -1008,8 +1008,12 @@ error:
 }
 
 int STDCALL
-mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert,
-        const char *ca, const char *capath, const char *cipher)
+mysql_ssl_set(MYSQL *mysql __attribute__((unused)), 
+              const char *key __attribute__((unused)),
+              const char *cert __attribute__((unused)),
+              const char *ca __attribute__((unused)),
+              const char *capath __attribute__((unused)),
+              const char *cipher __attribute__((unused)))
 {
 #ifdef HAVE_TLS
   char enable= 1;
@@ -1028,7 +1032,7 @@ mysql_ssl_set(MYSQL *mysql, const char *key, const char *cert,
 **************************************************************************/
 
 const char * STDCALL
-mysql_get_ssl_cipher(MYSQL *mysql)
+mysql_get_ssl_cipher(MYSQL *mysql __attribute__((unused)))
 {
 #ifdef HAVE_TLS
   if (mysql->net.pvio && mysql->net.pvio->ctls)
diff --git a/libmariadb/secure/openssl.c b/libmariadb/secure/openssl.c
index b72955f9..85d3b244 100644
--- a/libmariadb/secure/openssl.c
+++ b/libmariadb/secure/openssl.c
@@ -669,7 +669,11 @@ int ma_tls_verify_server_cert(MARIADB_TLS *ctls)
   if (!(cn_asn1 = X509_NAME_ENTRY_get_data(cn_entry)))
     goto error;
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
   cn_str = (char *)ASN1_STRING_data(cn_asn1);
+#else
+  cn_str = (char *)ASN1_STRING_get0_data(cn_asn1);
+#endif
 
   /* Make sure there is no embedded \0 in the CN */
   if ((size_t)ASN1_STRING_length(cn_asn1) != strlen(cn_str))