diff --git a/core/admin/mailu/dkim.py b/core/admin/mailu/dkim.py
index e682c64c..5719a62e 100644
--- a/core/admin/mailu/dkim.py
+++ b/core/admin/mailu/dkim.py
@@ -2,20 +2,21 @@
 They are thus represented as ASCII armored PEM.
 """
 
-from OpenSSL import crypto
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import rsa
 
 
-def gen_key(key_type=crypto.TYPE_RSA, bits=2048):
+def gen_key(bits=2048):
     """ Generate and return a new RSA key.
     """
-    key = crypto.PKey()
-    key.generate_key(key_type, bits)
-    return crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
+    k = rsa.generate_private_key(public_exponent=65537, key_size=bits)
+    return k.private_bytes(encoding=serialization.Encoding.PEM,format=serialization.PrivateFormat.PKCS8,encryption_algorithm=serialization.NoEncryption())
 
 
 def strip_key(pem):
     """ Return only the b64 part of the ASCII armored PEM.
     """
-    key = crypto.load_privatekey(crypto.FILETYPE_PEM, pem)
-    public_pem = crypto.dump_publickey(crypto.FILETYPE_PEM, key)
+
+    priv_key = serialization.load_pem_private_key(pem, password=None)
+    public_pem = priv_key.public_key().public_bytes(encoding=serialization.Encoding.PEM,format=serialization.PublicFormat.SubjectPublicKeyInfo)
     return public_pem.replace(b"\n", b"").split(b"-----")[2]
diff --git a/core/admin/mailu/schemas.py b/core/admin/mailu/schemas.py
index ca3530fa..bae9be16 100644
--- a/core/admin/mailu/schemas.py
+++ b/core/admin/mailu/schemas.py
@@ -19,7 +19,7 @@ from marshmallow_sqlalchemy.fields import RelatedList
 
 from flask_marshmallow import Marshmallow
 
-from OpenSSL import crypto
+from cryptography.hazmat.primitives import serialization
 
 from pygments import highlight
 from pygments.token import Token
@@ -609,7 +609,7 @@ class DkimKeyField(fields.String):
 
         # check key validity
         try:
-            crypto.load_privatekey(crypto.FILETYPE_PEM, value)
+            serialization.load_pem_private_key(value, password=None)
         except crypto.Error as exc:
             raise ValidationError(f'invalid dkim key {bad_key!r}') from exc
         else:
diff --git a/core/base/requirements-dev.txt b/core/base/requirements-dev.txt
index ebcdde92..52874a86 100644
--- a/core/base/requirements-dev.txt
+++ b/core/base/requirements-dev.txt
@@ -27,7 +27,6 @@ mysql-connector-python==8.0.29
 passlib
 psycopg2-binary
 Pygments
-pyOpenSSL
 PyYAML
 redis
 SQLAlchemy
diff --git a/core/base/requirements-prod.txt b/core/base/requirements-prod.txt
index 4cf70cd0..8b861cd5 100644
--- a/core/base/requirements-prod.txt
+++ b/core/base/requirements-prod.txt
@@ -51,7 +51,6 @@ psycopg2-binary==2.9.5
 pycares==4.2.2
 pycparser==2.21
 Pygments==2.13.0
-pyOpenSSL==22.1.0
 pyparsing==3.0.9
 python-dateutil==2.8.2
 pytz==2022.6