diff --git a/internal/provider/slickvpn/openvpnconf.go b/internal/provider/slickvpn/openvpnconf.go
index 3a9c2943..f2407460 100644
--- a/internal/provider/slickvpn/openvpnconf.go
+++ b/internal/provider/slickvpn/openvpnconf.go
@@ -26,5 +26,14 @@ func (p *Provider) OpenVPNConfig(connection models.Connection,
 			"redirect-gateway",
 		},
 	}
+
+	if settings.Version == openvpn.Openvpn25 {
+		// SlickVPN's certificate is sha1WithRSAEncryption and sha1 is now
+		// rejected by openssl 3.x.x which is used by OpenVPN >= 2.5.
+		// We lower the security level to 3 to allow this algorithm,
+		// see https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html
+		providerSettings.TLSCipher = "DEFAULT:@SECLEVEL=0"
+	}
+
 	return utils.OpenVPNConfig(providerSettings, connection, settings, ipv6Supported)
 }