diff --git a/openssl/android-aarch64/PKGBUILD b/openssl/android-aarch64/PKGBUILD
index adeb5a6a..c4cf7665 100644
--- a/openssl/android-aarch64/PKGBUILD
+++ b/openssl/android-aarch64/PKGBUILD
@@ -5,7 +5,7 @@ _pkg_arch=aarch64
 _android_arch=arm64-v8a
 _android_platform_arch=arch-arm64
 _pkgname=openssl
-_pkgver=3.1.1
+_pkgver=3.1.2
 
 pkgname=android-$_pkg_arch-$_pkgname
 # use a pacman compatible version scheme
@@ -21,11 +21,12 @@ makedepends=('android-environment' 'android-sdk-build-tools')
 conflicts=("android-$_pkgname-$_android_arch")
 replaces=("android-$_pkgname-$_android_arch")
 source=("https://www.openssl.org/source/openssl-${_pkgver}.tar.gz"{,.asc})
-sha256sums=('b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674'
+sha256sums=('a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539'
             'SKIP')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
               '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
-              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C'
+              'EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5')
 
 build() {
   cd "${srcdir}/${_pkgname}-${_pkgver}"
diff --git a/openssl/android-armv7a-eabi/PKGBUILD b/openssl/android-armv7a-eabi/PKGBUILD
index dcef0211..97dcd55a 100644
--- a/openssl/android-armv7a-eabi/PKGBUILD
+++ b/openssl/android-armv7a-eabi/PKGBUILD
@@ -5,7 +5,7 @@ _pkg_arch=armv7a-eabi
 _android_arch=armeabi-v7a
 _android_platform_arch=arch-arm
 _pkgname=openssl
-_pkgver=3.1.1
+_pkgver=3.1.2
 
 pkgname=android-$_pkg_arch-$_pkgname
 # use a pacman compatible version scheme
@@ -21,11 +21,12 @@ makedepends=('android-environment' 'android-sdk-build-tools')
 conflicts=("android-$_pkgname-$_android_arch")
 replaces=("android-$_pkgname-$_android_arch")
 source=("https://www.openssl.org/source/openssl-${_pkgver}.tar.gz"{,.asc})
-sha256sums=('b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674'
+sha256sums=('a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539'
             'SKIP')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
               '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
-              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C'
+              'EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5')
 
 build() {
   cd "${srcdir}/${_pkgname}-${_pkgver}"
diff --git a/openssl/android-x86-64/PKGBUILD b/openssl/android-x86-64/PKGBUILD
index 7bf21772..277045d1 100644
--- a/openssl/android-x86-64/PKGBUILD
+++ b/openssl/android-x86-64/PKGBUILD
@@ -5,7 +5,7 @@ _pkg_arch=x86-64
 _android_arch=x86_64
 _android_platform_arch=arch-x86_64
 _pkgname=openssl
-_pkgver=3.1.1
+_pkgver=3.1.2
 
 pkgname=android-$_pkg_arch-$_pkgname
 # use a pacman compatible version scheme
@@ -21,11 +21,12 @@ makedepends=('android-environment' 'android-sdk-build-tools')
 conflicts=("android-$_pkgname-$_android_arch")
 replaces=("android-$_pkgname-$_android_arch")
 source=("https://www.openssl.org/source/openssl-${_pkgver}.tar.gz"{,.asc})
-sha256sums=('b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674'
+sha256sums=('a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539'
             'SKIP')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
               '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
-              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C'
+              'EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5')
 
 build() {
   cd "${srcdir}/${_pkgname}-${_pkgver}"
diff --git a/openssl/android-x86/PKGBUILD b/openssl/android-x86/PKGBUILD
index b0a705c8..82d4223e 100644
--- a/openssl/android-x86/PKGBUILD
+++ b/openssl/android-x86/PKGBUILD
@@ -5,7 +5,7 @@ _pkg_arch=x86
 _android_arch=x86
 _android_platform_arch=arch-x86
 _pkgname=openssl
-_pkgver=3.1.1
+_pkgver=3.1.2
 
 pkgname=android-$_pkg_arch-$_pkgname
 # use a pacman compatible version scheme
@@ -21,11 +21,12 @@ makedepends=('android-environment' 'android-sdk-build-tools')
 conflicts=("android-$_pkgname-$_android_arch")
 replaces=("android-$_pkgname-$_android_arch")
 source=("https://www.openssl.org/source/openssl-${_pkgver}.tar.gz"{,.asc})
-sha256sums=('b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674'
+sha256sums=('a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539'
             'SKIP')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
               '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
-              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C'
+              'EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5')
 
 build() {
   cd "${srcdir}/${_pkgname}-${_pkgver}"
diff --git a/openssl/default/PKGBUILD b/openssl/default/PKGBUILD
deleted file mode 100644
index 2bb9512e..00000000
--- a/openssl/default/PKGBUILD
+++ /dev/null
@@ -1,66 +0,0 @@
-# $Id$
-# Maintainer: Pierre Schmitz <pierre@archlinux.de>
-
-pkgname=openssl
-_ver=1.1.0h
-# use a pacman compatible version scheme
-pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
-#pkgver=$_ver
-pkgrel=1
-pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security'
-arch=('x86_64')
-url='https://www.openssl.org'
-license=('custom:BSD')
-depends=('perl')
-optdepends=('ca-certificates')
-backup=('etc/ssl/openssl.cnf')
-source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz"
-        "https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz.asc"
-        'ca-dir.patch')
-sha256sums=('5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517'
-            'SKIP'
-            '90c7411fed0157116f2df8f4be755aaf5a26e8484351b4e6a79492805d5f2790')
-validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
-
-prepare() {
-	cd "$srcdir/$pkgname-$_ver"
-
-	# set ca dir to /etc/ssl by default
-	patch -p0 -i "$srcdir/ca-dir.patch"
-}
-
-build() {
-	cd "$srcdir/$pkgname-$_ver"
-
-	if [ "${CARCH}" == 'x86_64' ]; then
-		openssltarget='linux-x86_64'
-		optflags='enable-ec_nistp_64_gcc_128'
-	elif [ "${CARCH}" == 'i686' ]; then
-		openssltarget='linux-elf'
-		optflags=''
-	fi
-
-	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
-	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
-		shared no-ssl3-method ${optflags} \
-		"${openssltarget}" \
-		"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
-
-	make depend
-	make
-}
-
-check() {
-	cd "$srcdir/$pkgname-$_ver"
-	# the test fails due to missing write permissions in /etc/ssl
-	# revert this patch for make test
-	patch -p0 -R -i "$srcdir/ca-dir.patch"
-	make test
-	patch -p0 -i "$srcdir/ca-dir.patch"
-}
-
-package() {
-	cd "$srcdir/$pkgname-$_ver"
-	make DESTDIR=$pkgdir MANDIR=/usr/share/man MANSUFFIX=ssl install_sw install_ssldirs install_man_docs
-	install -D -m644 LICENSE $pkgdir/usr/share/licenses/$pkgname/LICENSE
-}
diff --git a/openssl/default/ca-dir.patch b/openssl/default/ca-dir.patch
deleted file mode 100644
index 767b61df..00000000
--- a/openssl/default/ca-dir.patch
+++ /dev/null
@@ -1,127 +0,0 @@
-<!DOCTYPE html>
-<html lang='en'>
-<head>
-<title>ca-dir.patch\trunk - svntogit/packages.git - Git clone of the 'packages' repository
-</title>
-<meta name='generator' content='cgit v0.12'/>
-<meta name='robots' content='index, nofollow'/>
-<link rel='stylesheet' type='text/css' href='/cgit.css'/>
-<link rel='shortcut icon' href='/favicon.ico'/>
-<link rel='alternate' title='Atom feed' href='https://git.archlinux.org/svntogit/packages.git/atom/trunk/ca-dir.patch?h=packages/openssl' type='application/atom+xml'/>
-<link rel='vcs-git' href='https://git.archlinux.org/svntogit/packages.git' title='svntogit/packages.git Git repository'/>
-<link rel='vcs-git' href='git://git.archlinux.org/svntogit/packages.git' title='svntogit/packages.git Git repository'/>
-<link rel='vcs-git' href='ssh://git.archlinux.org/srv/git/svntogit/packages.git' title='svntogit/packages.git Git repository'/>
-</head>
-<body>
-	<div id="archnavbar"><!-- Arch Linux global navigation bar -->
-		<div id="archnavbarlogo">
-			<p><a href="http://www.archlinux.org/" title="Arch news, packages, projects and more"></a></p>
-		</div>
-		<div id="archnavbarmenu">
-			<ul id="archnavbarlist">
-				<li id="anb-home"><a href="http://www.archlinux.org/" title="Arch news, packages, projects and more">Home</a></li>
-				<li id="anb-packages"><a href="http://www.archlinux.org/packages/" title="Arch Package Database">Packages</a></li>
-				<li id="anb-forums"><a href="https://bbs.archlinux.org/" title="Community forums">Forums</a></li>
-				<li id="anb-wiki"><a href="https://wiki.archlinux.org/" title="Community documentation">Wiki</a></li>
-				<li id="anb-bugs"><a href="https://bugs.archlinux.org/" title="Report and follow bugs">Bugs</a></li>
-				<li id="anb-sec"><a href="https://security.archlinux.org/" title="Security Tracker">Security</a></li>
-				<li id="anb-aur"><a href="https://aur.archlinux.org/" title="Arch Linux User Repository">AUR</a></li>
-				<li id="anb-download"><a href="http://www.archlinux.org/download/" title="Get Arch Linux">Download</a></li>
-			</ul>
-		</div>
-	</div><!-- #archnavbar -->
-<div id='cgit'><table id='header'>
-<tr>
-<td class='main'><a href='/'>index</a> : <a title='svntogit/packages.git' href='/svntogit/packages.git/'>svntogit/packages.git</a></td></tr>
-<tr><td class='sub'>Git clone of the 'packages' repository
-</td><td class='sub right'></td></tr></table>
-<table class='tabs'><tr><td>
-<a href='/svntogit/packages.git/?h=packages/openssl'>summary</a><a href='/svntogit/packages.git/refs/?h=packages/openssl'>refs</a><a href='/svntogit/packages.git/log/trunk/ca-dir.patch?h=packages/openssl'>log</a><a class='active' href='/svntogit/packages.git/tree/trunk/ca-dir.patch?h=packages/openssl'>tree</a><a href='/svntogit/packages.git/commit/trunk/ca-dir.patch?h=packages/openssl'>commit</a><a href='/svntogit/packages.git/diff/trunk/ca-dir.patch?h=packages/openssl'>diff</a><a href='/svntogit/packages.git/stats/trunk/ca-dir.patch?h=packages/openssl'>stats</a></td><td class='form'><form class='right' method='get' action='/svntogit/packages.git/log/trunk/ca-dir.patch'>
-<input type='hidden' name='h' value='packages/openssl'/><select name='qt'>
-<option value='grep'>log msg</option>
-<option value='author'>author</option>
-<option value='committer'>committer</option>
-<option value='range'>range</option>
-</select>
-<input class='txt' type='text' size='10' name='q' value=''/>
-<input type='submit' value='search'/>
-</form>
-</td></tr></table>
-<div class='path'>path: <a href='/svntogit/packages.git/tree/?h=packages/openssl'>root</a>/<a href='/svntogit/packages.git/tree/trunk?h=packages/openssl'>trunk</a>/<a href='/svntogit/packages.git/tree/trunk/ca-dir.patch?h=packages/openssl'>ca-dir.patch</a></div><div class='content'>blob: 1daba849b4ca1f222158a8a70dcd8edb98ed57a2 (<a href='/svntogit/packages.git/plain/trunk/ca-dir.patch?h=packages/openssl'>plain</a>)
-<table summary='blob content' class='blob'>
-<tr><td class='linenumbers'><pre><a id='n1' href='#n1'>1</a>
-<a id='n2' href='#n2'>2</a>
-<a id='n3' href='#n3'>3</a>
-<a id='n4' href='#n4'>4</a>
-<a id='n5' href='#n5'>5</a>
-<a id='n6' href='#n6'>6</a>
-<a id='n7' href='#n7'>7</a>
-<a id='n8' href='#n8'>8</a>
-<a id='n9' href='#n9'>9</a>
-<a id='n10' href='#n10'>10</a>
-<a id='n11' href='#n11'>11</a>
-<a id='n12' href='#n12'>12</a>
-<a id='n13' href='#n13'>13</a>
-<a id='n14' href='#n14'>14</a>
-<a id='n15' href='#n15'>15</a>
-<a id='n16' href='#n16'>16</a>
-<a id='n17' href='#n17'>17</a>
-<a id='n18' href='#n18'>18</a>
-<a id='n19' href='#n19'>19</a>
-<a id='n20' href='#n20'>20</a>
-<a id='n21' href='#n21'>21</a>
-<a id='n22' href='#n22'>22</a>
-<a id='n23' href='#n23'>23</a>
-<a id='n24' href='#n24'>24</a>
-<a id='n25' href='#n25'>25</a>
-<a id='n26' href='#n26'>26</a>
-<a id='n27' href='#n27'>27</a>
-<a id='n28' href='#n28'>28</a>
-<a id='n29' href='#n29'>29</a>
-<a id='n30' href='#n30'>30</a>
-<a id='n31' href='#n31'>31</a>
-</pre></td>
-<td class='lines'><pre><code><span class="hl kwb">--- apps/CA.pl.in	2016-09-26 11:46:04.000000000 +0200</span>
-<span class="hl kwa">+++ apps/CA.pl.in	2016-11-01 16:02:16.709616823 +0100</span>
-<span class="hl kwd">&#64;&#64; -33,7 +33,7 &#64;&#64;</span>
- my $PKCS12 = &quot;$openssl pkcs12&quot;;
- 
- # default openssl.cnf file has setup as per the following
-<span class="hl kwb">-my $CATOP = &quot;./demoCA&quot;;</span>
-<span class="hl kwa">+my $CATOP = &quot;/etc/ssl&quot;;</span>
- my $CAKEY = &quot;cakey.pem&quot;;
- my $CAREQ = &quot;careq.pem&quot;;
- my $CACERT = &quot;cacert.pem&quot;;
-<span class="hl kwb">--- apps/openssl.cnf	2016-09-26 11:46:04.000000000 +0200</span>
-<span class="hl kwa">+++ apps/openssl.cnf	2016-11-01 16:02:48.378503427 +0100</span>
-<span class="hl kwd">&#64;&#64; -39,7 +39,7 &#64;&#64;</span>
- ####################################################################
- [ CA_default ]
- 
-<span class="hl kwb">-dir		= ./demoCA		# Where everything is kept</span>
-<span class="hl kwa">+dir		= /etc/ssl		# Where everything is kept</span>
- certs		= $dir/certs		# Where the issued certs are kept
- crl_dir		= $dir/crl		# Where the issued crl are kept
- database	= $dir/index.txt	# database index file.
-<span class="hl kwd">&#64;&#64; -323,7 +323,7 &#64;&#64;</span>
- [ tsa_config1 ]
- 
- # These are used by the TSA reply generation only.
-<span class="hl kwb">-dir		= ./demoCA		# TSA root directory</span>
-<span class="hl kwa">+dir		= /etc/ssl		# TSA root directory</span>
- serial		= $dir/tsaserial	# The current serial number (mandatory)
- crypto_device	= builtin		# OpenSSL engine to use for signing
- signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
-</code></pre></td></tr></table>
-</div> <!-- class=content -->
-<div class="foot" style="padding-left:1em;padding-right:1em;">
-<p>Copyright &copy; 2002-2017 <a href="mailto:jvinet@zeroflux.org"
-title="contact Judd Vinet">Judd Vinet</a> and <a href="mailto:aaron@archlinux.org"
-title="contact Aaron Griffin">Aaron Griffin</a>. The Arch Linux name and logo
-are recognized trademarks. Some rights reserved. The registered trademark
-Linux&reg; is used pursuant to a sublicense from LMI, the exclusive licensee
-of Linus Torvalds, owner of the mark on a world-wide basis.</p>
-</div>
-</div> <!-- id=cgit -->
-</body>
-</html>
diff --git a/openssl/mingw-w64/PKGBUILD b/openssl/mingw-w64/PKGBUILD
index 11374766..f1b5b30c 100644
--- a/openssl/mingw-w64/PKGBUILD
+++ b/openssl/mingw-w64/PKGBUILD
@@ -4,7 +4,7 @@
 # Contributor: Filip Brcic < brcha at gna dot org >
 # Contributor: Martchus < martchus at gmx dot net >
 
-_pkgver=3.1.1
+_pkgver=3.1.2
 _architectures="i686-w64-mingw32 x86_64-w64-mingw32"
 
 pkgname=mingw-w64-openssl
@@ -20,11 +20,12 @@ makedepends=('mingw-w64-gcc'
              'perl')
 options=('!strip' 'staticlibs' '!buildflags' '!lto')
 source=("https://www.openssl.org/source/openssl-${_pkgver}.tar.gz"{,.asc})
-sha256sums=('b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674'
+sha256sums=('a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539'
             'SKIP')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
               '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
-              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C'
+              'EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5')
 
 prepare() {
   cd openssl-${_pkgver}
diff --git a/openssl/static-compat/PKGBUILD b/openssl/static-compat/PKGBUILD
index 6debc08d..7daa20e2 100644
--- a/openssl/static-compat/PKGBUILD
+++ b/openssl/static-compat/PKGBUILD
@@ -2,7 +2,7 @@
 
 _pkgname=openssl
 pkgname=static-compat-$_pkgname
-_ver=3.1.1
+_ver=3.1.2
 # use a pacman compatible version scheme
 pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
 pkgrel=1
@@ -16,12 +16,13 @@ optdepends=('ca-certificates')
 options=(!emptydirs staticlibs)
 source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"{,.asc}
 	'ca-dir.patch')
-sha256sums=('b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674'
+sha256sums=('a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539'
             'SKIP'
             '0a32d9ca68e8d985ce0bfef6a4c20b46675e06178cc2d0bf6d91bd6865d648b7')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491'
               '7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C'
-              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C')
+              'A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C'
+              'EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5')
 
 prepare() {
 	cd "$srcdir/$_pkgname-$_ver"