diff --git a/apparmor.changes b/apparmor.changes
index 4c45528..3541bcb 100644
--- a/apparmor.changes
+++ b/apparmor.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sun Dec 19 21:42:54 UTC 2021 - Christian Boltz <suse-beta@cboltz.de>
+
+- add openssl-engdef-mr818.diff: Allow reading /etc/ssl/engdef.d/ and
+  /etc/ssl/engines.d/ in abstractions/openssl which were introduced
+  with the latest openssl update
+
 -------------------------------------------------------------------
 Tue Nov  9 17:45:22 UTC 2021 - Christian Boltz <suse-beta@cboltz.de>
 
diff --git a/apparmor.spec b/apparmor.spec
index 16eb492..f323cde 100644
--- a/apparmor.spec
+++ b/apparmor.spec
@@ -87,6 +87,9 @@ Patch8:         add-samba-bgqd.diff
 # aa-notify: Add support for reading s390x and aarch64 wtmp file (boo#1181155) (merged upstream 2021-11-08 in master and 3.0 branch - https://gitlab.com/apparmor/apparmor/-/merge_requests/809)
 Patch9:         aa-notify-more-arch-mr809.diff
 
+# allow reading /etc/ssl/engdef.d/ and /etc/ssl/engines.d/ in abstractions/openssl (submitted upstream 2021-12-19 - https://gitlab.com/apparmor/apparmor/-/merge_requests/818)
+Patch10:        openssl-engdef-mr818.diff
+
 PreReq:         sed
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %define apparmor_bin_prefix %{?usrmerged:/usr}/lib/apparmor
@@ -352,6 +355,7 @@ mv -v profiles/apparmor.d/usr.lib.apache2.mpm-prefork.apache2 profiles/apparmor/
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
+%patch10 -p1
 
 %build
 %define _lto_cflags %{nil}
diff --git a/openssl-engdef-mr818.diff b/openssl-engdef-mr818.diff
new file mode 100644
index 0000000..d727369
--- /dev/null
+++ b/openssl-engdef-mr818.diff
@@ -0,0 +1,26 @@
+(context lines adjusted to match 3.0 branch)
+
+From e58dd798f09c1df6f8de42f64d07221d34adfc87 Mon Sep 17 00:00:00 2001
+From: Christian Boltz <apparmor@cboltz.de>
+Date: Sun, 19 Dec 2021 22:36:05 +0100
+Subject: [PATCH] abstractions/openssl: allow /etc/ssl/{engdef,engines}.d/
+
+These directories were introduced in openssl in
+https://patchwork.ozlabs.org/project/openwrt/patch/20210429153530.10020-2-cotequeiroz@gmail.com/
+---
+ profiles/apparmor.d/abstractions/openssl | 2 ++
+ 1 file changed, 2 insertions(+)
+
+Index: profiles/apparmor.d/abstractions/openssl
+===================================================================
+--- a/profiles/apparmor.d/abstractions/openssl.orig	2021-12-19 22:51:13.837139097 +0100
++++ b/profiles/apparmor.d/abstractions/openssl	2021-12-19 22:52:05.845049787 +0100
+@@ -12,6 +12,8 @@
+ 
+   /etc/ssl/openssl.cnf r,
+   /usr/share/ssl/openssl.cnf r,
++  /etc/ssl/{engdef,engines}.d/ r,
++  /etc/ssl/{engdef,engines}.d/*.cnf r,
+   @{PROC}/sys/crypto/fips_enabled r,
+ 
+