diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c
index a6c78d67cf..44ba9be55f 100644
--- a/lib/curl_sha512_256.c
+++ b/lib/curl_sha512_256.c
@@ -40,12 +40,10 @@
 #  include <openssl/opensslv.h>
 #  if !defined(LIBRESSL_VERSION_NUMBER) || \
   (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3080000fL)
-#    include <openssl/opensslconf.h>
-#    if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
-#      include <openssl/evp.h>
-#      define USE_OPENSSL_SHA512_256          1
-#      define HAS_SHA512_256_IMPLEMENTATION   1
-#      ifdef __NetBSD__
+#    include <openssl/evp.h>
+#    define USE_OPENSSL_SHA512_256          1
+#    define HAS_SHA512_256_IMPLEMENTATION   1
+#    ifdef __NetBSD__
 /* Some NetBSD versions has a bug in SHA-512/256.
  * See https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=58039
  * The problematic versions:
@@ -56,14 +54,13 @@
  * NetBSD 10.99.11 development.
  * It is safe to apply the workaround even if the bug is not present, as
  * the workaround just reduces performance slightly. */
-#        include <sys/param.h>
-#        if  __NetBSD_Version__ <   904000000 ||  \
-            (__NetBSD_Version__ >=  999000000 &&  \
-             __NetBSD_Version__ <  1000000000) || \
-            (__NetBSD_Version__ >= 1099000000 &&  \
-             __NetBSD_Version__ <  1099001100)
-#          define NEED_NETBSD_SHA512_256_WORKAROUND 1
-#        endif
+#      include <sys/param.h>
+#      if  __NetBSD_Version__ <   904000000 ||  \
+          (__NetBSD_Version__ >=  999000000 &&  \
+           __NetBSD_Version__ <  1000000000) || \
+          (__NetBSD_Version__ >= 1099000000 &&  \
+           __NetBSD_Version__ <  1099001100)
+#        define NEED_NETBSD_SHA512_256_WORKAROUND 1
 #      endif
 #    endif
 #  endif
diff --git a/lib/setup-vms.h b/lib/setup-vms.h
index 17bf5a07a2..dd460223b9 100644
--- a/lib/setup-vms.h
+++ b/lib/setup-vms.h
@@ -355,9 +355,6 @@ static int CONF_modules_load_file(const char *filename,
 #define sk_pop                          SK_POP
 #define sk_pop_free                     SK_POP_FREE
 #define sk_value                        SK_VALUE
-#ifdef __VAX
-#define OPENSSL_NO_SHA256
-#endif
 #define SHA256_Final  SHA256_FINAL
 #define SHA256_Init   SHA256_INIT
 #define SHA256_Update SHA256_UPDATE
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 45480778eb..84e6eaadd5 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -5364,7 +5364,6 @@ static CURLcode ossl_random(struct Curl_easy *data,
   return rc == 1 ? CURLE_OK : CURLE_FAILED_INIT;
 }
 
-#ifndef OPENSSL_NO_SHA256
 static CURLcode ossl_sha256sum(const unsigned char *tmp, /* input */
                                size_t tmplen,
                                unsigned char *sha256sum /* output */,
@@ -5386,7 +5385,6 @@ static CURLcode ossl_sha256sum(const unsigned char *tmp, /* input */
   EVP_MD_CTX_destroy(mdctx);
   return CURLE_OK;
 }
-#endif
 
 static bool ossl_cert_status_request(void)
 {
@@ -5445,11 +5443,7 @@ const struct Curl_ssl Curl_ssl_openssl = {
   ossl_set_engine,          /* set_engine or provider */
   ossl_set_engine_default,  /* set_engine_default */
   ossl_engines_list,        /* engines_list */
-#ifndef OPENSSL_NO_SHA256
   ossl_sha256sum,           /* sha256sum */
-#else
-  NULL,                     /* sha256sum */
-#endif
   ossl_recv,                /* recv decrypted data */
   ossl_send,                /* send data to encrypt */
   ossl_get_channel_binding  /* get_channel_binding */