---- pppd/eap-tls.c
-+++ pppd/eap-tls.c
-@@ -328,11 +328,12 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
-
- SSL_library_init();
- SSL_load_error_strings();
-- /* load the openssl config file only once */
-- if (!ssl_config)
-- {
-- ssl_config = eaptls_ssl_load_config();
-- }
-+
-+ /* load the openssl config file only once and load it before triggering
-+ the loading of a global openssl config file via SSL_CTX_new()
-+ */
-+ if (!ssl_config)
-+ ssl_config = eaptls_ssl_load_config();
-
- ctx = SSL_CTX_new(TLS_method());
-
-@@ -403,13 +404,12 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
- pkey_identifier = cert_identifier;
- }
- }
--
- }
-
- if (ssl_config && cert_engine_name)
- cert_engine = eaptls_ssl_load_engine( cert_engine_name );
-
-- if (pkey_engine_name)
-+ if (ssl_config && pkey_engine_name)
- {
- /* don't load the same engine twice */
- if ( cert_engine && strcmp( cert_engine_name, pkey_engine_name) == 0 )