--- libressl-2.7.4.orig/tls/tls.c
+++ libressl-2.7.4/tls/tls.c
@@ -438,8 +438,16 @@
 	}
 
 	if (ctx->config->verify_time == 0) {
-		X509_VERIFY_PARAM_set_flags(ssl_ctx->param,
-		    X509_V_FLAG_NO_CHECK_TIME);
+		X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new();
+
+		if (param == NULL) {
+			goto err;
+		}
+
+		X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_NO_CHECK_TIME);
+		SSL_CTX_set1_param(ssl_ctx, param);
+
+		X509_VERIFY_PARAM_free(param);
 	}
 
 	/* Disable any form of session caching by default */
@@ -487,6 +495,7 @@
 	STACK_OF(X509_INFO) *xis = NULL;
 	X509_STORE *store;
 	X509_INFO *xi;
+	X509_VERIFY_PARAM *param;
 	BIO *bio = NULL;
 	int rv = -1;
 	int i;
@@ -548,8 +557,19 @@
 			}
 			xi->crl = NULL;
 		}
-		X509_VERIFY_PARAM_set_flags(store->param,
+
+		param = X509_VERIFY_PARAM_new();
+
+		if (param == NULL) {
+			goto err;
+		}
+		
+		X509_VERIFY_PARAM_set_flags(param,
 		    X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
+
+		X509_STORE_set1_param(store, param);
+
+		X509_VERIFY_PARAM_free(param);
 	}
 
  done: