diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 24b21d4ea2d592c1bcbe979884273b1b67221327..b570b6e592057eef4fd5c549fb271c33102f942f 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -322,10 +322,10 @@ static void delete_ext(STACK_OF(X509_EXTENSION) *sk, X509_EXTENSION *dext)
 	int idx;
 	ASN1_OBJECT *obj;
 	obj = X509_EXTENSION_get_object(dext);
-	while ((idx = X509_EXTENSION_get_by_OBJ(sk, obj, -1)) >= 0)
+	while ((idx = X509v3_get_ext_by_OBJ(sk, obj, -1)) >= 0)
 		{
-		X509_EXTENSION *tmpext= X509_get_ext(sk, idx);
-		X509_del_ext(sk, idx);
+		X509_EXTENSION *tmpext = X509v3_get_ext(sk, idx);
+		X509v3_delete_ext(sk, idx);
 		X509_EXTENSION_free(tmpext);
 		}
 	}
@@ -348,7 +348,7 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
 		val = sk_CONF_VALUE_value(nval, i);
 		if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
 								return 0;
-		if (ctx->flags == X509V3_CTX_FLAG_REPLACE)	
+		if (ctx->flags == X509V3_CTX_REPLACE)	
 			delete_ext(*sk, ext);
 		if (sk) X509v3_add_ext(sk, ext, -1);
 		X509_EXTENSION_free(ext);
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 84cf46f538634d2016a13dcf3609f1cb6c9582c5..bf409997e759e5b7fefc99615e74b88c8e2595e7 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -128,6 +128,7 @@ void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
 /* Context specific info */
 struct v3_ext_ctx {
 #define CTX_TEST 0x1
+#define X509V3_CTX_REPLACE 0x2
 int flags;
 X509 *issuer_cert;
 X509 *subject_cert;