--- a/configure.ac
+++ b/configure.ac
@@ -286,7 +286,7 @@
 
   if test "x$ssl_ok" = "xyes"; then
     old_libs="$LIBS"
-    AC_CHECK_LIB(ssl, SSL_library_init, ssl_ok=yes, ssl_ok=no, -lcrypto)
+    AC_CHECK_LIB(ssl, OPENSSL_config, ssl_ok=yes, ssl_ok=no, -lcrypto)
     LIBS="$old_libs"
   fi

--- a/dpi/https.c
+++ b/dpi/https.c
@@ -295,6 +295,16 @@
      }
    }
 
+   // fix for SNI servername 2017-08-11
+   MSG("SNI setting (%s)\n", root_url);
+   if (exit_error == 0){
+      MSG("really do SNI setting\n");
+      if (SSL_set_tlsext_host_name(ssl_connection, root_url) != 1){
+         MSG("SSL_set_tlsext_host_name failed\n");
+         ERR_print_errors_fp(stderr);
+         exit_error = 1;
+      }
+   }
    if (exit_error == 0){
       /*Actually do SSL connection handshake*/
       if (SSL_connect(ssl_connection) != 1){
@@ -476,7 +486,8 @@
       case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
          /*Either self signed and untrusted*/
          /*Extract CN from certificate name information*/
-         if ((cn = strstr(remote_cert->name, "/CN=")) == NULL) {
+         X509_NAME_oneline(X509_get_subject_name(remote_cert), buf, sizeof(buf));
+         if ((cn = strstr(buf, "/CN=")) == NULL) {
             strcpy(buf, "(no CN given)");
          } else {
             char *cn_end;