diff --git a/packages/security/libressl/package.mk b/packages/security/libressl/package.mk
deleted file mode 100644
index a9e5c12e13..0000000000
--- a/packages/security/libressl/package.mk
+++ /dev/null
@@ -1,41 +0,0 @@
-################################################################################
-# This file is part of OpenELEC - http://www.openelec.tv
-# Copyright (C) 2009-2016 Stephan Raue (stephan@openelec.tv)
-#
-# OpenELEC is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 2 of the License, or
-# (at your option) any later version.
-#
-# OpenELEC is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with OpenELEC. If not, see .
-################################################################################
-
-PKG_NAME="libressl"
-PKG_VERSION="2.4.4"
-PKG_ARCH="any"
-PKG_LICENSE="BSD"
-PKG_SITE="http://www.libressl.org/"
-PKG_URL="http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/$PKG_NAME-$PKG_VERSION.tar.gz"
-PKG_DEPENDS_HOST="ccache:host"
-PKG_DEPENDS_TARGET="toolchain"
-PKG_SECTION="security"
-PKG_SHORTDESC="libressl: a FREE version of the SSL/TLS protocol forked from OpenSSL"
-PKG_LONGDESC="LibreSSL is a FREE version of the SSL/TLS protocol forked from OpenSSL"
-
-PKG_IS_ADDON="no"
-PKG_USE_CMAKE="no"
-PKG_AUTORECONF="yes"
-
-post_makeinstall_target() {
- # backwards compatibility
- mkdir -p $INSTALL/etc/pki/tls
- ln -sf /etc/ssl/cert.pem $INSTALL/etc/pki/tls/cacert.pem
- mkdir -p $INSTALL/etc/pki/tls/certs
- ln -sf /etc/ssl/cert.pem $INSTALL/etc/pki/tls/certs/ca-bundle.crt
-}
diff --git a/packages/security/libressl/patches/libressl-trusted-first.patch b/packages/security/libressl/patches/libressl-trusted-first.patch
deleted file mode 100644
index f02b6e101a..0000000000
--- a/packages/security/libressl/patches/libressl-trusted-first.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 779c075d93f339ee4043ea026586a463376b301c Mon Sep 17 00:00:00 2001
-From: Jonas Karlman
-Date: Wed, 20 Apr 2016 22:26:49 +0200
-Subject: [PATCH] trusted first
-
----
- apps/openssl/apps.c | 2 ++
- crypto/x509/x509_vfy.c | 14 ++++++++++++++
- include/openssl/x509_vfy.h | 2 ++
- 3 files changed, 18 insertions(+)
-
-diff --git a/apps/openssl/apps.c b/apps/openssl/apps.c
-index 6e40965..cbdd080 100644
---- a/apps/openssl/apps.c
-+++ b/apps/openssl/apps.c
-@@ -1943,6 +1943,8 @@ args_verify(char ***pargs, int *pargc, int *badarg, BIO *err,
- flags |= X509_V_FLAG_NOTIFY_POLICY;
- else if (!strcmp(arg, "-check_ss_sig"))
- flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
-+ else if (!strcmp(arg, "-trusted_first"))
-+ flags |= X509_V_FLAG_TRUSTED_FIRST;
- else
- return 0;
-
-diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
-index f9fd3a0..6e51edb 100644
---- a/crypto/x509/x509_vfy.c
-+++ b/crypto/x509/x509_vfy.c
-@@ -209,6 +209,20 @@ X509_verify_cert(X509_STORE_CTX *ctx)
- if (ctx->check_issued(ctx, x, x))
- break;
-
-+ /* If asked see if we can find issuer in trusted store first */
-+ if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) {
-+ ok = ctx->get_issuer(&xtmp, ctx, x);
-+ if (ok < 0)
-+ goto end;
-+ /* If successful for now free up cert so it
-+ * will be picked up again later.
-+ */
-+ if (ok > 0) {
-+ X509_free(xtmp);
-+ break;
-+ }
-+ }
-+
- /* If we were passed a cert chain, use it first */
- if (ctx->untrusted != NULL) {
- xtmp = find_issuer(ctx, sktmp, x);
-diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
-index e4050b2..ddf77e7 100644
---- a/include/openssl/x509_vfy.h
-+++ b/include/openssl/x509_vfy.h
-@@ -383,6 +383,8 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
- #define X509_V_FLAG_USE_DELTAS 0x2000
- /* Check selfsigned CA signature */
- #define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
-+/* Use trusted store first */
-+#define X509_V_FLAG_TRUSTED_FIRST 0x8000
- /* Do not check certificate or CRL validity against current time. */
- #define X509_V_FLAG_NO_CHECK_TIME 0x200000
-