diff --git a/apps/files_encryption/lib/crypt.php b/apps/files_encryption/lib/crypt.php
index 7eab620baa5f892a9f37a07d60ec61eefd605c21..c009718160ae360d47b4abce3822d9c9fea6fcde 100755
--- a/apps/files_encryption/lib/crypt.php
+++ b/apps/files_encryption/lib/crypt.php
@@ -52,15 +52,14 @@ class Crypt {
 
 		$return = false;
 
-		$res = \OCA\Encryption\Helper::getOpenSSLPkey();
-		$res = openssl_pkey_new(array('private_key_bits' => 4096));
+		$res = Helper::getOpenSSLPkey();
 
 		if ($res === false) {
 			\OCP\Util::writeLog('Encryption library', 'couldn\'t generate users key-pair for ' . \OCP\User::getUser(), \OCP\Util::ERROR);
 			while ($msg = openssl_error_string()) {
 				\OCP\Util::writeLog('Encryption library', 'openssl_pkey_new() fails:  ' . $msg, \OCP\Util::ERROR);
 			}
-		} elseif (openssl_pkey_export($res, $privateKey)) {
+		} elseif (openssl_pkey_export($res, $privateKey, null, Helper::getOpenSSLConfig())) {
 			// Get public key
 			$keyDetails = openssl_pkey_get_details($res);
 			$publicKey = $keyDetails['key'];
@@ -71,7 +70,9 @@ class Crypt {
 			);
 		} else {
 			\OCP\Util::writeLog('Encryption library', 'couldn\'t export users private key, please check your servers openSSL configuration.' . \OCP\User::getUser(), \OCP\Util::ERROR);
-			\OCP\Util::writeLog('Encryption library', openssl_error_string(), \OCP\Util::ERROR);
+			while($errMsg = openssl_error_string()) {
+				\OCP\Util::writeLog('Encryption library', $errMsg, \OCP\Util::ERROR);
+			}
 		}
 
 		return $return;
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 2cc905c291410f9c8ab7ac0cffbed3337128b417..10447a07bb81f34aeb164f21ab292f3bbda2be99 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -280,9 +280,22 @@ class Helper {
 	 * @return resource The pkey resource created
 	 */
 	public static function getOpenSSLPkey() {
+		static $res = null;
+		if (is_null($res)) {
+			$res = openssl_pkey_new(self::getOpenSSLConfig());
+		}
+		return $res;
+	}
+
+	/**
+	 * Return an array of OpenSSL config options, default + config
+	 * Used for multiple OpenSSL functions
+	 * @return array The combined defaults and config settings
+	 */
+	public static function getOpenSSLConfig() {
 		$config = array('private_key_bits' => 4096);
-		$config = array_merge(\OCP\Config::getSystemValue('openssl'), $config);
-		return openssl_pkey_new($config);
+		$config = array_merge(\OCP\Config::getSystemValue('openssl', array()), $config);
+		return $config;
 	}
 
 	/**
diff --git a/config/config.sample.php b/config/config.sample.php
index 6425baf87cbd178212f8a498d8a39d28124fd3d2..51ef60588d61297c79fa59c707b1f0543d412fe4 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -217,6 +217,6 @@ $CONFIG = array(
 
 // Extra SSL options to be used for configuration
 'openssl' => array(
-	//'config' => '/path/to/openssl.cnf',
+	//'config' => '/absolute/location/of/openssl.cnf',
 ),
 );