diff --git a/changelogs/unreleased/gh-7502-bump-openssl.md b/changelogs/unreleased/gh-7502-bump-openssl.md new file mode 100644 index 0000000000000000000000000000000000000000..fb243e56296c6344e3bae82b9dcee33509490746 --- /dev/null +++ b/changelogs/unreleased/gh-7502-bump-openssl.md @@ -0,0 +1,3 @@ +## feature/build + +* Updated OpenSSL to version 3.2.1 (gh-7502). diff --git a/cmake/BuildOpenSSL.cmake b/cmake/BuildOpenSSL.cmake index 015e14220bf9fda4eccd59ecea42a3165fb69d6b..8ac6930a1e91e2300e2c8828300e55d9309e12d0 100644 --- a/cmake/BuildOpenSSL.cmake +++ b/cmake/BuildOpenSSL.cmake @@ -1,5 +1,5 @@ -set(OPENSSL_VERSION 1.1.1q) -set(OPENSSL_HASH c685d239b6a6e1bd78be45624c092f51) +set(OPENSSL_VERSION 3.2.1) +set(OPENSSL_HASH c239213887804ba00654884918b37441) set(OPENSSL_PATCHES_DIR ${PROJECT_SOURCE_DIR}/patches) set(OPENSSL_INSTALL_DIR ${BUNDLED_LIBS_INSTALL_DIR}/openssl-prefix) set(OPENSSL_INCLUDE_DIR ${OPENSSL_INSTALL_DIR}/include) @@ -31,11 +31,8 @@ ExternalProject_Add(bundled-openssl-project --prefix=<INSTALL_DIR> --libdir=lib no-shared + no-module INSTALL_COMMAND ${CMAKE_MAKE_PROGRAM} install_sw - PATCH_COMMAND patch -d <SOURCE_DIR> -p1 -i "${OPENSSL_PATCHES_DIR}/openssl-111q-gh-18720.patch" - COMMAND patch -d <SOURCE_DIR> -p1 -i "${OPENSSL_PATCHES_DIR}/openssl-tarantool-security-27.patch" - COMMAND patch -d <SOURCE_DIR> -p1 -i "${OPENSSL_PATCHES_DIR}/openssl-tarantool-security-54.patch" - COMMAND patch -d <SOURCE_DIR> -p1 -i "${OPENSSL_PATCHES_DIR}/openssl-tarantool-security-90.patch" BUILD_BYPRODUCTS ${OPENSSL_CRYPTO_LIBRARY} ${OPENSSL_SSL_LIBRARY} ) diff --git a/patches/openssl-111q-gh-18720.patch b/patches/openssl-111q-gh-18720.patch deleted file mode 100644 index 5b64b5440ec8482d3c2c470dc3b56a6cc0109b02..0000000000000000000000000000000000000000 --- a/patches/openssl-111q-gh-18720.patch +++ /dev/null 
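Review bot: The new `OPENSSL_HASH` value in the first `cmake/BuildOpenSSL.cmake` hunk is 32 hex digits, the length of an MD5 digest, so the 3.2.1 tarball appears to be pinned with a hash that does not resist deliberate collisions. How the variable reaches `ExternalProject_Add` is outside the hunk, but if it feeds `URL_MD5`, consider `URL_HASH SHA256=<sha256-of-openssl-3.2.1-tarball>`, with the digest copied from the upstream release checksum. A short comment above the two `set()` lines, for example `# digest taken from the upstream release checksum file`, would make the next bump easier to audit.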
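Review bot: Removing the whole `PATCH_COMMAND` in the second `cmake/BuildOpenSSL.cmake` hunk drops three local hardening patches (`openssl-tarantool-security-27`, `-54`, `-90`), and nothing on this page records that OpenSSL 3.2.1 already guards the same spots. The deleted patches added a NULL check on `s->session->cipher` in `statem_clnt.c`, a `!s->session` check in `extensions_clnt.c`, and `t <= 0` instead of `t < 0` in `ssl3_record.c`. Each should be confirmed against the 3.2.1 sources (the record-layer code may have moved since 1.1.1) and the result stated in the commit description. The added `no-module` option would benefit from a one-line comment such as `# no-module: do not build dynamically loadable modules for the static bundled build`, and `OPENSSL_PATCHES_DIR` from the first hunk no longer has a visible consumer. The `ExternalProject_Add` call starts above this hunk.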
@@ -1,11 +0,0 @@
-diff -ru a/test/v3ext.c b/test/v3ext.c
---- a/test/v3ext.c 2022-07-05 12:08:33.000000000 +0300
-+++ b/test/v3ext.c 2022-07-14 21:07:10.586081541 +0300
-@@ -8,6 +8,7 @@
- */
- 
- #include <stdio.h>
-+#include <string.h>
- #include <openssl/x509.h>
- #include <openssl/x509v3.h>
- #include <openssl/pem.h>
diff --git a/patches/openssl-tarantool-security-27.patch b/patches/openssl-tarantool-security-27.patch
deleted file mode 100644
index ce6600e3b52aa1e1bb5da7fd3f3bd076d813cb3e..0000000000000000000000000000000000000000
--- a/patches/openssl-tarantool-security-27.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -ru a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
---- a/ssl/statem/statem_clnt.c 2023-02-10 11:02:21.000000000 +0300
-+++ b/ssl/statem/statem_clnt.c 2023-02-10 11:02:55.000000000 +0300
-@@ -1375,7 +1375,7 @@
- * In TLSv1.3 it is valid for the server to select a different
- * ciphersuite as long as the hash is the same.
- */
-- if (ssl_md(c->algorithm2)
-+ if (s->session->cipher == NULL || ssl_md(c->algorithm2)
- != ssl_md(s->session->cipher->algorithm2)) {
- SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,
- SSL_F_SET_CLIENT_CIPHERSUITE,
diff --git a/patches/openssl-tarantool-security-54.patch b/patches/openssl-tarantool-security-54.patch
deleted file mode 100644
index 83b4078621bc22f4888dc7f8e02844e9a0124de9..0000000000000000000000000000000000000000
--- a/patches/openssl-tarantool-security-54.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- openssl.old/ssl/statem/extensions_clnt.c 2023-02-09 16:18:41.231053686 +0300
-+++ openssl/ssl/statem/extensions_clnt.c 2023-02-09 17:33:09.257282077 +0300
-@@ -266,6 +266,7 @@
- return EXT_RETURN_NOT_SENT;
- 
- if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_session_ticket)
-+ || !s->session
- || !WPACKET_sub_memcpy_u16(pkt, s->session->ext.tick, ticklen)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET, ERR_R_INTERNAL_ERROR);
diff --git a/patches/openssl-tarantool-security-90.patch b/patches/openssl-tarantool-security-90.patch
deleted file mode 100644
index 8e74e70fa1df3e6d28653b7f75d805c0283fbd90..0000000000000000000000000000000000000000
--- a/patches/openssl-tarantool-security-90.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- openssl.old/ssl/record/ssl3_record.c 2023-02-17 11:10:19.399907899 +0300
-+++ openssl/ssl/record/ssl3_record.c 2023-02-17 11:12:52.921915746 +0300
-@@ -1201,7 +1201,7 @@
- }
- 
- t = EVP_MD_CTX_size(hash);
-- if (t < 0)
-+ if (t <= 0)
- return 0;
- md_size = t;
- npad = (48 / md_size) * md_size;