diff --git a/net/lighttpd/Makefile b/net/lighttpd/Makefile
index 7c89a6d0a..0628336f6 100644
--- a/net/lighttpd/Makefile
+++ b/net/lighttpd/Makefile
@@ -48,13 +48,17 @@ PKG_CONFIG_DEPENDS:= \
 CONFIG_LIGHTTPD_PCRE2 \
 CONFIG_LIGHTTPD_CRYPTOLIB_NONE \
 CONFIG_LIGHTTPD_CRYPTOLIB_NETTLE \
+ CONFIG_LIGHTTPD_CRYPTOLIB_GNUTLS \
 CONFIG_LIGHTTPD_CRYPTOLIB_MBEDTLS \
+ CONFIG_LIGHTTPD_CRYPTOLIB_OPENSSL \
 CONFIG_LIGHTTPD_CRYPTOLIB_WOLFSSL
 PKG_BUILD_DEPENDS:= \
 LIGHTTPD_PCRE2:pcre2 \
 LIGHTTPD_CRYPTOLIB_NETTLE:nettle \
+ LIGHTTPD_CRYPTOLIB_GNUTLS:gnutls \
 LIGHTTPD_CRYPTOLIB_MBEDTLS:mbedtls \
+ LIGHTTPD_CRYPTOLIB_OPENSSL:openssl \
 LIGHTTPD_CRYPTOLIB_WOLFSSL:wolfssl
 include $(INCLUDE_DIR)/package.mk
@@ -64,10 +68,16 @@ include $(INCLUDE_DIR)/meson.mk
 # (separate from lighttpd TLS modules, which are each standalone)
 cryptolibdep= \
 +LIGHTTPD_CRYPTOLIB_NETTLE:libnettle \
+ +LIGHTTPD_CRYPTOLIB_GNUTLS:libgnutls \
 +LIGHTTPD_CRYPTOLIB_MBEDTLS:libmbedtls \
+ +LIGHTTPD_CRYPTOLIB_OPENSSL:libopenssl \
 +LIGHTTPD_CRYPTOLIB_WOLFSSL:libwolfssl
 ifdef CONFIG_LIGHTTPD_CRYPTOLIB_MBEDTLS
 TARGET_CPPFLAGS += -DFORCE_MBEDTLS_CRYPTO
+else ifdef CONFIG_LIGHTTPD_CRYPTOLIB_GNUTLS
+ TARGET_CPPFLAGS += -DFORCE_GNUTLS_CRYPTO
+else ifdef CONFIG_LIGHTTPD_CRYPTOLIB_OPENSSL
+ TARGET_CPPFLAGS += -DFORCE_OPENSSL_CRYPTO
 else ifdef CONFIG_LIGHTTPD_CRYPTOLIB_WOLFSSL
 TARGET_CPPFLAGS += -DFORCE_WOLFSSL_CRYPTO
 endif
@@ -131,9 +141,15 @@ if PACKAGE_lighttpd
 config LIGHTTPD_CRYPTOLIB_NETTLE
 bool "libnettle"
+ config LIGHTTPD_CRYPTOLIB_GNUTLS
+ bool "libgnutls"
+
 config LIGHTTPD_CRYPTOLIB_MBEDTLS
 bool "libmbedtls"
+ config LIGHTTPD_CRYPTOLIB_OPENSSL
+ bool "libopenssl"
+
 config LIGHTTPD_CRYPTOLIB_WOLFSSL
 bool "libwolfssl"
 endchoice
diff --git a/net/lighttpd/patches/030-sys-crypto.h-add-support-for-OpenSSL-as-crypto-libra.patch b/net/lighttpd/patches/030-sys-crypto.h-add-support-for-OpenSSL-as-crypto-libra.patch
new file mode 100644
index 000000000..845f23adc
--- /dev/null
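Review bot: In the second hunk of net/lighttpd/Makefile, the added `-DFORCE_GNUTLS_CRYPTO` and `-DFORCE_OPENSSL_CRYPTO` flags take effect only when the lighttpd build also defines `USE_GNUTLS_CRYPTO` or `USE_OPENSSL_CRYPTO`, because the sys-crypto.h patch shipped in this commit nests each FORCE block inside the matching `#ifdef USE_…`. None of the visible hunks changes how the GnuTLS or OpenSSL library is enabled in the meson configuration, so please confirm that choosing `LIGHTTPD_CRYPTOLIB_GNUTLS` or `LIGHTTPD_CRYPTOLIB_OPENSSL` without the corresponding TLS module still enables that library; if it does not, the selection is silently ignored and the base server would presumably use a different crypto backend than the one configured. A comment above the chain would record the dependency, for example `# FORCE_*_CRYPTO is honoured only when the matching library is enabled in the meson options`.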
+++ b/net/lighttpd/patches/030-sys-crypto.h-add-support-for-OpenSSL-as-crypto-libra.patch 
@@ -0,0 +1,71 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20=C5=A0tetiar?=
+Date: Sat, 4 May 2024 06:33:16 +0000
+Subject: [PATCH] sys-crypto.h: add support for OpenSSL as crypto library
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Each TLS module in lighttpd is built to utilize its corresponding TLS
+library. For example, lighttpd's mod_openssl module utilizes OpenSSL,
+and its mod_mbedtls module uses mbedTLS.
+
+Separately, the core lighttpd application may employ cryptographic
+functions. For efficiency and portability, if lighttpd is compiled with
+Nettle, it becomes the default cryptographic library for the base
+application. However, each TLS module within lighttpd still relies on
+its respective TLS library.
+
+In scenarios where lighttpd is configured with only one TLS library and
+without Nettle, the base application adopts the cryptographic functions
+from that specific TLS library.
+
+When preparing for Linux distributions, lighttpd might be built with
+several TLS modules, where each module uses its designated TLS library.
+Presently, lighttpd does not offer a distinct, dedicated option to
+select the cryptographic library for the base application.
+
+In contexts like embedded systems, where a single TLS library might be
+utilized across the entire base system, specific configurations allow
+the use of either mbedTLS or wolfSSL. For these, lighttpd is compiled
+with -DFORCE_MBEDTLS_CRYPTO or -DFORCE_WOLFSSL_CRYPTO, respectively.
+
+To extend this capability, let's introduce the FORCE_OPENSSL_CRYPTO
+define, enabling lighttpd to also use OpenSSL as an additional
+cryptographic library, akin to the existing support for mbedTLS and
+wolfSSL.
+
+
+Suggested-by: Glenn Strauss
+Signed-off-by: Petr Štetiar
+---
+ src/sys-crypto.h | 20 ++++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+
+--- a/src/sys-crypto.h
++++ b/src/sys-crypto.h
+@@ -60,4 +60,24 @@
+ #endif
+ #endif
+
++#ifdef USE_OPENSSL_CRYPTO
++#ifdef FORCE_OPENSSL_CRYPTO
++#undef USE_GNUTLS_CRYPTO
++#undef USE_MBEDTLS_CRYPTO
++#undef USE_NETTLE_CRYPTO
++#undef USE_NSS_CRYPTO
++#undef USE_WOLFSSL_CRYPTO
++#endif
++#endif
++
++#ifdef USE_GNUTLS_CRYPTO
++#ifdef FORCE_GNUTLS_CRYPTO
++#undef USE_MBEDTLS_CRYPTO
++#undef USE_NETTLE_CRYPTO
++#undef USE_NSS_CRYPTO
++#undef USE_OPENSSL_CRYPTO
++#undef USE_WOLFSSL_CRYPTO
++#endif
++#endif
++
+ #endif
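Review bot: Defining `FORCE_OPENSSL_CRYPTO` or `FORCE_GNUTLS_CRYPTO` without the matching `USE_*_CRYPTO` is silently ignored, because each new block in src/sys-crypto.h is nested inside `#ifdef USE_OPENSSL_CRYPTO` / `#ifdef USE_GNUTLS_CRYPTO`; the build then presumably falls back to whichever library the rest of the header selects. For a switch whose purpose is to pin the crypto backend, a hard failure is safer, e.g. `#if defined(FORCE_OPENSSL_CRYPTO) && !defined(USE_OPENSSL_CRYPTO)` followed by `#error "FORCE_OPENSSL_CRYPTO set but OpenSSL crypto is not enabled"` and `#endif`, with the same guard for GnuTLS. The patch description also names only OpenSSL while the hunk adds a `FORCE_GNUTLS_CRYPTO` block as well, so the subject and body should mention both. The header continues outside the hunk, so whether the earlier FORCE blocks already undefine `USE_OPENSSL_CRYPTO` and `USE_GNUTLS_CRYPTO` cannot be checked from here.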