diff --git a/CHANGES b/CHANGES
index b521d0aa3a..e09ccccab3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,11 @@
 
 -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 
+1.6-dev.2 Wed Dec  8 03:57:03 PST 2010
+
+- Compatibility fix for OpenSSL 1.0.0 (Christian Kreibich, Gregor
+  Maier).
+
 1.6-dev.1 Sat Nov 27 12:19:47 PST 2010
 
 - Merge with Subversion repository as of r7098. Incorporated changes:
diff --git a/VERSION b/VERSION
index 1bbb37c5bd..145483ad7b 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.6-dev.1
+1.6-dev.2
diff --git a/src/X509.cc b/src/X509.cc
index c8975cc581..9de73d2a9d 100644
--- a/src/X509.cc
+++ b/src/X509.cc
@@ -192,7 +192,7 @@ int X509_Cert::verifyChain(Contents_SSL* e, const u_char* data, uint32 len)
 	// but in chain format).
 
 	// Init the stack.
-	STACK_OF(X509)* untrustedCerts = sk_new_null();
+	STACK_OF(X509)* untrustedCerts = sk_X509_new_null();
 	if ( ! untrustedCerts )
 		{
 		// Internal error allocating stack of untrusted certs.
@@ -233,7 +233,7 @@ int X509_Cert::verifyChain(Contents_SSL* e, const u_char* data, uint32 len)
 		else
 			// The remaining certificates (if any) are put into
 			// the list of untrusted certificates
-			sk_push(untrustedCerts, (char*) pTemp);
+			sk_X509_push(untrustedCerts, pTemp);
 
 		tempLength += certLength + 3;
 		}
@@ -259,7 +259,7 @@ int X509_Cert::verifyChain(Contents_SSL* e, const u_char* data, uint32 len)
 	// Free the stack, incuding. contents.
 
 	// FIXME: could this break Bro's memory tracking?
-	sk_pop_free(untrustedCerts, free);
+	sk_X509_pop_free(untrustedCerts, X509_free);
 
 	return ret;
 	}
diff --git a/src/ssl-analyzer.pac b/src/ssl-analyzer.pac
index d08be0c886..78baecc5cc 100644
--- a/src/ssl-analyzer.pac
+++ b/src/ssl-analyzer.pac
@@ -370,7 +370,7 @@ refine analyzer SSLAnalyzer += {
 			STACK_OF(X509)* untrusted_certs = 0;
 			if ( certificates->size() > 1 )
 				{
-				untrusted_certs = sk_new_null();
+				untrusted_certs = sk_X509_new_null();
 				if ( ! untrusted_certs )
 					{
 					// X509_V_ERR_OUT_OF_MEM;
@@ -393,7 +393,7 @@ refine analyzer SSLAnalyzer += {
 						return false;
 						}
 
-					sk_push(untrusted_certs, (char*) pTemp);
+					sk_X509_push(untrusted_certs, pTemp);
 					}
 				}
 
@@ -405,7 +405,7 @@ refine analyzer SSLAnalyzer += {
 				certificate_error(csc.error);
 			X509_STORE_CTX_cleanup(&csc);
 
-			sk_pop_free(untrusted_certs, free_X509);
+			sk_X509_pop_free(untrusted_certs, X509_free);
 			}
 
 		X509_free(pCert);