diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index d399e9aa5..56b5ff112 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1360,7 +1360,8 @@ static CURLcode verifystatus(struct connectdata *conn,
   ch = SSL_get_peer_cert_chain(connssl->handle);
   st = SSL_CTX_get_cert_store(connssl->ctx);
 
-#if (OPENSSL_VERSION_NUMBER <= 0x1000201fL) /* Fixed after 1.0.2a */
+#if ((OPENSSL_VERSION_NUMBER <= 0x1000201fL) /* Fixed after 1.0.2a */ || \
+     defined(LIBRESSL_VERSION_NUMBER))
   /* The authorized responder cert in the OCSP response MUST be signed by the
      peer cert's issuer (see RFC6960 section 4.2.2.2). If that's a root cert,
      no problem, but if it's an intermediate cert OpenSSL has a bug where it