diff --git a/cipherscan b/cipherscan
index 985eb07..c927f18 100755
--- a/cipherscan
+++ b/cipherscan
@@ -42,6 +42,11 @@ if [[ "$TIMEOUTOUTPUT" =~ BusyBox ]]; then
 TIMEOUTBIN="$TIMEOUTBIN -t"
 fi
 
+# use custom config file to enable GOST ciphers
+if [[ -e $(dirname $0)/openssl.cnf ]]; then
+ export OPENSSL_CONF="$(dirname $0)/openssl.cnf"
+fi
+
 # find a list of trusted CAs on the local system, or use the provided list
 if [ -z "$CACERTS" ]; then
 for f in /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt; do
diff --git a/openssl.cnf b/openssl.cnf
new file mode 100644
index 0000000..4f5b324
--- /dev/null
+++ b/openssl.cnf
@@ -0,0 +1,12 @@
+openssl_conf = openssl_def
+
+[openssl_def]
+engines = engine_section
+
+[engine_section]
+gost = gost_section
+
+[gost_section]
+engine_id = gost
+default_algorithms = ALL
+CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
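Review bot: The added block exports `OPENSSL_CONF` unconditionally and builds the path from an unquoted `$0`, so a value the user already set is overwritten and a script path containing spaces is split by `dirname`. Because this file decides which engine library openssl loads, it matters where it is read from: when the script is started as `bash cipherscan`, `dirname $0` is `.` and the file is taken from the current directory rather than the install directory. I would follow the `CACERTS` check just below and write `if [[ -z "$OPENSSL_CONF" && -f "$(dirname "$0")/openssl.cnf" ]]; then` with `export OPENSSL_CONF="$(dirname "$0")/openssl.cnf"`; `-f` also avoids matching a directory. Resolving the script's real directory once into a variable would address the current-directory case.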
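Review bot: The new openssl.cnf has no comment saying that it stands in for the default OpenSSL configuration and that it needs the `gost` engine to be available to the openssl binary in use. What openssl does when that engine cannot be loaded is not visible in this diff, so it is worth checking that a scan on a build without GOST support still runs cleanly. A short header would help, for example `# Used by cipherscan through OPENSSL_CONF; loads the gost engine so GOST cipher suites can be tested.`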