diff --git a/acme/examples/http01_example.py b/acme/examples/http01_example.py
index ab62ecbcc..4a240afa0 100644
--- a/acme/examples/http01_example.py
+++ b/acme/examples/http01_example.py
@@ -28,6 +28,7 @@ Workflow:
 from contextlib import contextmanager
 
 from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
 import josepy as jose
 import OpenSSL
@@ -68,10 +69,9 @@ def new_csr_comp(domain_name, pkey_pem=None):
     """Create certificate signing request."""
     if pkey_pem is None:
         # Create private key.
-        pkey = OpenSSL.crypto.PKey()
-        pkey.generate_key(OpenSSL.crypto.TYPE_RSA, CERT_PKEY_BITS)
-        pkey_pem = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM,
-                                                  pkey)
+        pkey = rsa.generate_private_key(public_exponent=65537, key_size=CERT_PKEY_BITS)
+        pkey_pem = pkey.public_bytes(serialization.Encoding.PEM)
+
     csr_pem = crypto_util.make_csr(pkey_pem, [domain_name])
     return pkey_pem, csr_pem
 
@@ -201,8 +201,10 @@ def example_http():
     # Revoke certificate
 
     fullchain_com = jose.ComparableX509(
-        OpenSSL.crypto.load_certificate(
-            OpenSSL.crypto.FILETYPE_PEM, fullchain_pem))
+        OpenSSL.crypto.X509.from_cryptography(
+            x509.load_pem_x509_certificate(fullchain_pem)
+        )
+    )
 
     try:
         client_acme.revoke(fullchain_com, 0)  # revocation reason = 0