diff --git a/configure.ac b/configure.ac
index cf356e8659..1935e47557 100644
--- a/configure.ac
+++ b/configure.ac
@@ -626,7 +626,7 @@ AC_COMPILE_IFELSE(
 
 AC_CHECK_FUNCS([OPENSSL_init_ssl OPENSSL_init_crypto])
 AC_CHECK_FUNCS([CRYPTO_zalloc])
-AC_CHECK_FUNCS([EVP_PKEY_new_raw_private_key])
+AC_CHECK_FUNCS([EVP_PKEY_new_raw_private_key EVP_PKEY_eq])
 AC_CHECK_FUNCS([EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free])
 AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset EVP_MD_CTX_get0_md])
 AC_CHECK_FUNCS([ERR_get_error_all])
diff --git a/lib/dns/openssl_shim.h b/lib/dns/openssl_shim.h
index baf509c4a4..382d1548a8 100644
--- a/lib/dns/openssl_shim.h
+++ b/lib/dns/openssl_shim.h
@@ -18,3 +18,7 @@ unsigned long
 ERR_get_error_all(const char **file, int *line, const char **func,
 		  const char **data, int *flags);
 #endif /* if !HAVE_ERR_GET_ERROR_ALL */
+
+#if !HAVE_EVP_PKEY_EQ
+#define EVP_PKEY_eq EVP_PKEY_cmp
+#endif
diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c
index e6fa3dd07b..2aace1a0e0 100644
--- a/lib/dns/opensslecdsa_link.c
+++ b/lib/dns/opensslecdsa_link.c
@@ -32,6 +32,7 @@
 #include "dst_internal.h"
 #include "dst_openssl.h"
 #include "dst_parse.h"
+#include "openssl_shim.h"
 
 #ifndef NID_X9_62_prime256v1
 #error "P-256 group is not known (NID_X9_62_prime256v1)"
@@ -289,7 +290,7 @@ opensslecdsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
 		DST_RET(false);
 	}
 
-	status = EVP_PKEY_cmp(pkey1, pkey2);
+	status = EVP_PKEY_eq(pkey1, pkey2);
 	if (status != 1) {
 		DST_RET(false);
 	}
diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c
index a81e0faa8a..2fc5d7358c 100644
--- a/lib/dns/openssleddsa_link.c
+++ b/lib/dns/openssleddsa_link.c
@@ -34,6 +34,7 @@
 #include "dst_internal.h"
 #include "dst_openssl.h"
 #include "dst_parse.h"
+#include "openssl_shim.h"
 
 #define DST_RET(a)        \
 	{                 \
@@ -281,7 +282,7 @@ openssleddsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
 		return (false);
 	}
 
-	status = EVP_PKEY_cmp(pkey1, pkey2);
+	status = EVP_PKEY_eq(pkey1, pkey2);
 	if (status == 1) {
 		return (true);
 	}
@@ -491,7 +492,7 @@ eddsa_check(EVP_PKEY *pkey, EVP_PKEY *pubpkey) {
 	if (pubpkey == NULL) {
 		return (ISC_R_SUCCESS);
 	}
-	if (EVP_PKEY_cmp(pkey, pubpkey) == 1) {
+	if (EVP_PKEY_eq(pkey, pubpkey) == 1) {
 		return (ISC_R_SUCCESS);
 	}
 	return (ISC_R_FAILURE);