diff --git a/neverbleed.c b/neverbleed.c
index 913096e..326c76b 100644
--- a/neverbleed.c
+++ b/neverbleed.c
@@ -1229,6 +1229,10 @@ __attribute__((noreturn)) static void *daemon_close_notify_thread(void *_close_n
     _exit(0);
 }
 
+#ifdef NEVERBLEED_OPAQUE_RSA_METHOD
+static int (*rsa_finish)(RSA *rsa);
+#endif
+
 static int priv_rsa_finish(RSA *rsa)
 {
     struct st_neverbleed_rsa_exdata_t *exdata;
@@ -1236,6 +1240,10 @@ static int priv_rsa_finish(RSA *rsa)
 
     get_privsep_data(rsa, &exdata, &thdata);
 
+#ifdef NEVERBLEED_OPAQUE_RSA_METHOD
+    rsa_finish(rsa);
+#endif
+
     struct expbuf_t buf = {NULL};
     size_t ret;
 
@@ -1431,6 +1439,7 @@ int neverbleed_init(neverbleed_t *nb, char *errbuf)
 #ifdef NEVERBLEED_OPAQUE_RSA_METHOD
     rsa_default_method = RSA_PKCS1_OpenSSL();
     rsa_method = RSA_meth_dup(rsa_default_method);
+    rsa_finish = RSA_meth_get_finish(rsa_method);
 
     RSA_meth_set1_name(rsa_method, "privsep RSA method");
     RSA_meth_set_priv_enc(rsa_method, priv_enc_proxy);