diff --git a/examples/client.c b/examples/client.c
index 4b4deeeb..ebb0fcbc 100644
--- a/examples/client.c
+++ b/examples/client.c
@@ -689,10 +689,10 @@ int main(int argc, char **argv) {
   act.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &act, 0);
 
-  OPENSSL_config(NULL);
-  OpenSSL_add_all_algorithms();
   SSL_load_error_strings();
   SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(NULL);
 
   rv = parse_uri(&uri, argv[1]);
   if (rv != 0) {
diff --git a/examples/libevent-client.c b/examples/libevent-client.c
index 17ed94be..4123e656 100644
--- a/examples/libevent-client.c
+++ b/examples/libevent-client.c
@@ -551,10 +551,10 @@ int main(int argc, char **argv) {
   act.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &act, NULL);
 
-  OPENSSL_config(NULL);
-  OpenSSL_add_all_algorithms();
   SSL_load_error_strings();
   SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(NULL);
 
   run(argv[1]);
   return 0;
diff --git a/examples/libevent-server.c b/examples/libevent-server.c
index 412c6d0d..381977dd 100644
--- a/examples/libevent-server.c
+++ b/examples/libevent-server.c
@@ -724,10 +724,10 @@ int main(int argc, char **argv) {
   act.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &act, NULL);
 
-  OPENSSL_config(NULL);
-  OpenSSL_add_all_algorithms();
   SSL_load_error_strings();
   SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(NULL);
 
   run(argv[1], argv[2], argv[3]);
   return 0;
diff --git a/src/h2load.cc b/src/h2load.cc
index ac52055d..cb62284e 100644
--- a/src/h2load.cc
+++ b/src/h2load.cc
@@ -1063,6 +1063,14 @@ Options:
 } // namespace
 
 int main(int argc, char **argv) {
+#ifndef NOTHREADS
+  ssl::LibsslGlobalLock lock;
+#endif // NOTHREADS
+  SSL_load_error_strings();
+  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(nullptr);
+
   std::string datafile;
   while (1) {
     static int flag = 0;
@@ -1259,14 +1267,6 @@ int main(int argc, char **argv) {
   memset(&act, 0, sizeof(struct sigaction));
   act.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &act, nullptr);
-  OPENSSL_config(nullptr);
-  OpenSSL_add_all_algorithms();
-  SSL_load_error_strings();
-  SSL_library_init();
-
-#ifndef NOTHREADS
-  ssl::LibsslGlobalLock lock;
-#endif // NOTHREADS
 
   auto ssl_ctx = SSL_CTX_new(SSLv23_client_method());
   if (!ssl_ctx) {
diff --git a/src/nghttp.cc b/src/nghttp.cc
index 8f6361e3..1dae611b 100644
--- a/src/nghttp.cc
+++ b/src/nghttp.cc
@@ -2400,6 +2400,11 @@ Options:
 } // namespace
 
 int main(int argc, char **argv) {
+  SSL_load_error_strings();
+  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(nullptr);
+
   bool color = false;
   while (1) {
     static int flag = 0;
@@ -2639,10 +2644,6 @@ int main(int argc, char **argv) {
   memset(&act, 0, sizeof(struct sigaction));
   act.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &act, nullptr);
-  OPENSSL_config(nullptr);
-  OpenSSL_add_all_algorithms();
-  SSL_load_error_strings();
-  SSL_library_init();
   reset_timer();
   return run(argv + optind, argc - optind);
 }
diff --git a/src/nghttpd.cc b/src/nghttpd.cc
index 4ffc0bc9..0e7e63c4 100644
--- a/src/nghttpd.cc
+++ b/src/nghttpd.cc
@@ -168,6 +168,14 @@ Options:
 } // namespace
 
 int main(int argc, char **argv) {
+#ifndef NOTHREADS
+  ssl::LibsslGlobalLock lock;
+#endif // NOTHREADS
+  SSL_load_error_strings();
+  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(nullptr);
+
   Config config;
   bool color = false;
   while (1) {
@@ -359,13 +367,6 @@ int main(int argc, char **argv) {
   memset(&act, 0, sizeof(struct sigaction));
   act.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &act, nullptr);
-  OPENSSL_config(nullptr);
-  OpenSSL_add_all_algorithms();
-  SSL_load_error_strings();
-  SSL_library_init();
-#ifndef NOTHREADS
-  ssl::LibsslGlobalLock lock;
-#endif // NOTHREADS
 
   reset_timer();
 
diff --git a/src/shrpx.cc b/src/shrpx.cc
index 5becb798..e7352c42 100644
--- a/src/shrpx.cc
+++ b/src/shrpx.cc
@@ -1415,6 +1415,16 @@ Misc:
 } // namespace
 
 int main(int argc, char **argv) {
+#ifndef NOTHREADS
+  nghttp2::ssl::LibsslGlobalLock lock;
+#endif // NOTHREADS
+  // Initialize OpenSSL before parsing options because we create
+  // SSL_CTX there.
+  SSL_load_error_strings();
+  SSL_library_init();
+  OpenSSL_add_all_algorithms();
+  OPENSSL_config(nullptr);
+
   Log::set_severity_level(NOTICE);
   create_config();
   fill_default_config();
@@ -1894,13 +1904,6 @@ int main(int argc, char **argv) {
     }
   }
 
-  // Initialize OpenSSL before parsing options because we create
-  // SSL_CTX there.
-  OPENSSL_config(nullptr);
-  OpenSSL_add_all_algorithms();
-  SSL_load_error_strings();
-  SSL_library_init();
-
   if (conf_exists(get_config()->conf_path.get())) {
     if (load_config(get_config()->conf_path.get()) == -1) {
       LOG(FATAL) << "Failed to load configuration from "
@@ -1925,10 +1928,6 @@ int main(int argc, char **argv) {
     }
   }
 
-#ifndef NOTHREADS
-  auto lock = make_unique<nghttp2::ssl::LibsslGlobalLock>();
-#endif // NOTHREADS
-
   if (get_config()->accesslog_syslog || get_config()->errorlog_syslog) {
     openlog("nghttpx", LOG_NDELAY | LOG_NOWAIT | LOG_PID,
             get_config()->syslog_facility);