diff --git a/0000-fix-openssl-build.patch b/0000-fix-openssl-build.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a6fc05670c44059a3ea1bc45366d44b45e522add
--- /dev/null
+++ b/0000-fix-openssl-build.patch
@@ -0,0 +1,20 @@
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index c725f1f..1dd32d1 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -2270,13 +2270,13 @@ static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
+ 		: SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
+ }
+ static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
+-#if SSL_OP_NO_TLSv1_3
++#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+ 	c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
+ 		: SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
+ #endif
+ }
+ static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
+-#if SSL_OP_NO_TLSv1_3
++#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+ 	c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
+ 		: SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
+ #endif
diff --git a/haproxy.spec b/haproxy.spec
index f34fe6e46a38504397035426ba476c932f40e183..32764c1f50812bf692c6401e0294c1bf90ca5581 100644
--- a/haproxy.spec
+++ b/haproxy.spec
@@ -5,7 +5,7 @@
 
 Name:             haproxy
 Version:          2.4.8
-Release:          1
+Release:          2
 Summary:          The Reliable, High Performance TCP/HTTP Load Balancer
 
 License:          GPLv2+
@@ -17,6 +17,7 @@ Source3:          %{name}.logrotate
 Source4:          %{name}.sysconfig
 
 Patch0001:        CVE-2022-0711.patch
+Patch0002:        0000-fix-openssl-build.patch
 
 BuildRequires:    gcc lua-devel pcre2-devel openssl-devel systemd-devel systemd libatomic
 Requires(pre):    shadow-utils
@@ -120,6 +121,9 @@ exit 0
 %{_mandir}/man1/*
 
 %changelog
+* Thu Jul 7 2022 yinyongkang <yinyongkang@kylinos.cn> - 2.4.8-2
+- Fix OpenSSL 3.0 build
+
 * Wed Mar 23 2022 xihaochen <xihaochen@h-partners.com> - 2.4.8-1
 - update haproxy to 2.4.8