diff --git a/debian/patches/fix-ftbfs-openssl3.patch b/debian/patches/fix-ftbfs-openssl3.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2c8363b25951ca10ab73a475e3552d2f9cb54c26
--- /dev/null
+++ b/debian/patches/fix-ftbfs-openssl3.patch
@@ -0,0 +1,46 @@
+From f22b032956bc492dcf47b2a909f91a6fb2c6e49b Mon Sep 17 00:00:00 2001
+From: William Lallemand <wlallemand@haproxy.org>
+Date: Wed, 2 Jun 2021 16:09:11 +0200
+Subject: [PATCH] BUILD: fix compilation for OpenSSL-3.0.0-alpha17
+
+Some changes in the OpenSSL syntax API broke this syntax:
+  #if SSL_OP_NO_TLSv1_3
+
+OpenSSL made this change which broke our usage in commit f04bb0bce490de847ed0482b8ec9eabedd173852:
+
+-# define SSL_OP_NO_TLSv1_3                               (uint64_t)0x20000000
++#define SSL_OP_BIT(n)  ((uint64_t)1 << (uint64_t)n)
++# define SSL_OP_NO_TLSv1_3                               SSL_OP_BIT(29)
+
+Which can't be evaluated by the preprocessor anymore.
+This patch replace the test by an openssl version test.
+
+This fix part of #1276 issue.
+
+Origin: upstream, https://github.com/haproxy/haproxy/commit/f22b032956bc492
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/1945773
+Last-Updated: 2021-11-22
+---
+ src/ssl_sock.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index f596a831de..27a4c3531e 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -2217,13 +2217,13 @@ static void ssl_set_TLSv12_func(SSL *ssl, set_context_func c) {
+ 		: SSL_set_min_proto_version(ssl, TLS1_2_VERSION);
+ }
+ static void ctx_set_TLSv13_func(SSL_CTX *ctx, set_context_func c) {
+-#if SSL_OP_NO_TLSv1_3
++#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+ 	c == SET_MAX ? SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION)
+ 		: SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
+ #endif
+ }
+ static void ssl_set_TLSv13_func(SSL *ssl, set_context_func c) {
+-#if SSL_OP_NO_TLSv1_3
++#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+ 	c == SET_MAX ? SSL_set_max_proto_version(ssl, TLS1_3_VERSION)
+ 		: SSL_set_min_proto_version(ssl, TLS1_3_VERSION);
+ #endif
diff --git a/debian/patches/series b/debian/patches/series
index 276b0d5f938feec1814483f7db504ef9ce9c2536..739db5b8f241c18a5f6685e9cf34b1c57892d701 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,5 @@ haproxy.service-add-documentation.patch
 # applied during the build process:
 # debianize-dconv.patch
 reproducible.patch
+
+fix-ftbfs-openssl3.patch