diff --git a/dtool/src/prc/encryptStreamBuf.cxx b/dtool/src/prc/encryptStreamBuf.cxx
index 3d428852d2..21a33f93c0 100644
--- a/dtool/src/prc/encryptStreamBuf.cxx
+++ b/dtool/src/prc/encryptStreamBuf.cxx
@@ -236,7 +236,7 @@ open_write(ostream *dest, bool owns_dest, const string &password) {
   // Generate a random IV.  It doesn't need to be cryptographically secure,
   // just unique.
   unsigned char *iv = (unsigned char *)alloca(iv_length);
-  RAND_pseudo_bytes(iv, iv_length);
+  RAND_bytes(iv, iv_length);
 
   _write_ctx = EVP_CIPHER_CTX_new();
   nassertv(_write_ctx != NULL);
diff --git a/dtool/src/prckeys/makePrcKey.cxx b/dtool/src/prckeys/makePrcKey.cxx
index f1d9046108..6832860540 100644
--- a/dtool/src/prckeys/makePrcKey.cxx
+++ b/dtool/src/prckeys/makePrcKey.cxx
@@ -108,16 +108,25 @@ output_c_string(ostream &out, const string &string_name,
  */
 EVP_PKEY *
 generate_key() {
-  RSA *rsa = RSA_generate_key(1024, 7, NULL, NULL);
-
-  if (rsa == (RSA *)NULL) {
+  RSA *rsa = RSA_new();
+  BIGNUM *e = BN_new();
+  if (rsa == nullptr || e == nullptr) {
     output_ssl_errors();
     exit(1);
   }
 
+  BN_set_word(e, 7);
+
+  if (!RSA_generate_key_ex(rsa, 1024, e, nullptr)) {
+    BN_free(e);
+    RSA_free(rsa);
+    output_ssl_errors();
+    exit(1);
+  }
+  BN_free(e);
+
   EVP_PKEY *pkey = EVP_PKEY_new();
   EVP_PKEY_assign_RSA(pkey, rsa);
-
   return pkey;
 }