diff --git a/Makefile.am b/Makefile.am
index 10e38fd..d53b0d5 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,9 +1,20 @@
 ACLOCAL_AMFLAGS = -I m4
 
-if ENABLE_CLIENT_ONLY 
-SUBDIRS = safe_c_stub src java/jni example/client example/client-simple example/client-brski
-else 
-SUBDIRS = safe_c_stub src java/jni example/client example/client-simple example/server example/proxy example/client-brski
+if ENABLE_JNI
+libest_jni = java/jni
 endif
 
+if ENABLE_EXAMPLES
+if ENABLE_CLIENT_ONLY
+examples = example/client example/client-simple example/client-brski
+else
+examples = example/client example/client-simple example/client-brski example/server example/proxy
+endif
+endif
+
+if ! WITH_SYSTEM_LIBSAFEC
+builtin_libsafec = safe_c_stub
+endif
+
+SUBDIRS = $(builtin_libsafec) src $(libest_jni) $(examples)
 EXTRA_DIST = autogen.sh example/util LICENSE README.brski $(srcdir)/build.gradle $(srcdir)/example/build_examples.gradle
diff --git a/configure.ac b/configure.ac
index e02a54d..0b930bf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,11 +2,6 @@ dnl Process this file with autoconf to produce a configure script.
 AC_INIT([libest],[3.2.0p],[libest-dev])
 AC_CONFIG_AUX_DIR(config)
 AC_CONFIG_SRCDIR(src/est/est.c)
-AC_CONFIG_SRCDIR(example/client/estclient.c)
-AC_CONFIG_SRCDIR(example/client-simple/estclient-simple.c)
-AC_CONFIG_SRCDIR(example/client-brski/estclient-brski.c)
-AC_CONFIG_SRCDIR(example/server/estserver.c)
-AC_CONFIG_SRCDIR(example/proxy/estproxy.c)
 AC_CONFIG_MACRO_DIR([m4])
 
 AM_INIT_AUTOMAKE
@@ -15,6 +10,7 @@ AM_INIT_AUTOMAKE([subdir-objects])
 
 AC_PROG_CC
 AM_PROG_CC_C_O
+PKG_PROG_PKG_CONFIG
 LT_INIT
 AC_CANONICAL_HOST
 case $host in
@@ -35,9 +31,9 @@ AM_COND_IF([FREEBSD], AC_MSG_RESULT([Skipping libdl check]),
 AC_ARG_ENABLE([jni], 
 	       [AS_HELP_STRING([--enable-jni],
 			       [Enable support for JNI library])],
-		[jni_on=1],
-		[jni_on=0])
-AM_CONDITIONAL([ENABLE_JNI], [test x$jni_on = x1])
+		[],
+		[enable_jni="no"])
+AM_CONDITIONAL([ENABLE_JNI], [test "$enable_jni" = "yes"])
 AM_COND_IF([ENABLE_JNI], 
 	   AC_MSG_RESULT([JNI support enabled])
 	   AC_DEFINE([ENABLE_JNI]),
@@ -47,9 +43,9 @@ AM_CONDITIONAL([JAVA_HOME_SET], [test ! -z "$JAVA_HOME"])
 AC_ARG_ENABLE([client-only], 
 	       [AS_HELP_STRING([--enable-client-only],
 			       [Enable the building of only the client mode of libEST])],
-		[clientonly_on=1],
-		[clientonly_on=0])
-AM_CONDITIONAL([ENABLE_CLIENT_ONLY], [test x$clientonly_on = x1])
+		[],
+		[enable_client_only="no"])
+AM_CONDITIONAL([ENABLE_CLIENT_ONLY], [test "$enable_client_only" = "yes"])
 AM_COND_IF([ENABLE_CLIENT_ONLY], 
 	   AC_MSG_RESULT([Client only build enabled])
 	   AC_DEFINE([ENABLE_CLIENT_ONLY]),
@@ -58,9 +54,9 @@ AM_COND_IF([ENABLE_CLIENT_ONLY],
 AC_ARG_ENABLE([brski], 
 	       [AS_HELP_STRING([--enable-brski],
 			       [Enable support for brski bootstrap functionality])],
-		[brski_on=1],
-		[brski_on=0])
-AM_CONDITIONAL([ENABLE_BRSKI], [test x$brski_on = x1])
+		[],
+		[enable_brski="no"])
+AM_CONDITIONAL([ENABLE_BRSKI], [test "$enable_brski" = "yes"])
 AM_COND_IF([ENABLE_BRSKI], 
 	   AC_MSG_RESULT([BRSKI support enabled])
 	   AC_DEFINE([ENABLE_BRSKI]),
@@ -69,9 +65,9 @@ AM_COND_IF([ENABLE_BRSKI],
 AC_ARG_ENABLE([pthreads], 
 	       [AS_HELP_STRING([--disable-pthreads],
 			       [Disable support for pthreads])],
-		[pthreads_on=1],
-		[pthreads_on=0])
-AM_CONDITIONAL([DISABLE_PTHREAD], [test x$pthreads_on = x1])
+		[],
+		[enable_pthreads="yes"])
+AM_CONDITIONAL([DISABLE_PTHREAD], [test "$enable_pthreads" = "no"])
 AM_COND_IF([DISABLE_PTHREAD], 
 	   AC_MSG_RESULT([pthread support disabled])
 	   AC_DEFINE([DISABLE_PTHREADS]), 
@@ -80,16 +76,25 @@ AM_COND_IF([DISABLE_PTHREAD], [],
 	    [AC_CHECK_LIB([pthread], [pthread_create], [],
              [AC_MSG_FAILURE([can't find pthread lib])])])
 
+AC_ARG_ENABLE([examples],
+	       [AS_HELP_STRING([--disable-examples],
+			       [Disable examples compilation])],
+		[],
+		[enable_examples="yes"])
+AC_MSG_CHECKING(whether to build examples)
+AM_CONDITIONAL([ENABLE_EXAMPLES], [test "$enable_examples" = "yes"])
+AM_COND_IF([ENABLE_EXAMPLES], AC_MSG_RESULT([yes]), AC_MSG_RESULT([no]))
+
 AC_ARG_WITH([ssl-dir],
 	    [AS_HELP_STRING([--with-ssl-dir],
 		[location of OpenSSL install folder, defaults to /usr/local/ssl])],
-	    [ssldir="$withval"],
-	    [ssldir="/usr/local/ssl"])
-AC_SUBST([SSL_CFLAGS], "$ssldir/include")
-AC_SUBST([SSL_LDFLAGS], "$ssldir/lib")
+	    [],
+	    [with_ssl_dir="/usr/local/ssl"])
+AC_SUBST([SSL_CFLAGS], "$with_ssl_dir/include")
+AC_SUBST([SSL_LDFLAGS], "$with_ssl_dir/lib")
 
-CFLAGS="$CFLAGS -Wall -I$ssldir/include"
-LDFLAGS="$LDFLAGS -L$ssldir/lib"
+CFLAGS="$CFLAGS -Wall -I$with_ssl_dir/include"
+LDFLAGS="$LDFLAGS -L$with_ssl_dir/lib"
 if test "$is_freebsd" = "1" ; then
 AC_CHECK_LIB([crypto], [EVP_EncryptInit], [],
              [AC_MSG_FAILURE([can't find openssl crypto lib])]
@@ -115,13 +120,13 @@ AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_reset], [],
 AC_ARG_WITH([libcurl-dir],
  [AS_HELP_STRING([--with-libcurl-dir],
 				 [enable support for client proxy using libcurl])],
- [libcurldir="$withval"],
- [with_libcurldir=no])
+ [],
+ [with_libcurl_dir=no])
 
   AS_IF(
-        [test "x$with_libcurldir" != xno],
-        [[CFLAGS="$CFLAGS -I$libcurldir/include"]
-         [LDFLAGS="$LDFLAGS -L$libcurldir/lib -lcurl"]
+        [test "$with_libcurl_dir" != "no"],
+        [[CFLAGS="$CFLAGS -I$with_libcurl_dir/include"]
+         [LDFLAGS="$LDFLAGS -L$with_libcurl_dir/lib -lcurl"]
          AC_CHECK_LIB(
               [curl],
               [curl_easy_init],
@@ -138,17 +143,17 @@ AC_ARG_WITH([libcurl-dir],
 AC_ARG_WITH([uriparser-dir],
  [AS_HELP_STRING([--with-uriparser-dir],
 				 [enable support for path segments using uriparser])],
- [uriparserdir="$withval"],
- [with_uriparserdir=no])
+ [],
+ [with_uriparser_dir=no])
           
  dnl CFLAGS="$CFLAGS -Wall -I$uriparserdir/include"
  dnl CPPFLAGS="$CPPFLAGS -I$uriparser/include"
  dnl LDFLAGS="$LDFLAGS -L$uriparserdir/lib -luriparser"
 
   AS_IF(
-        [test "x$with_uriparserdir" != xno],
-        [[CFLAGS="$CFLAGS -I$uriparserdir/include"]
-         [LDFLAGS="$LDFLAGS -L$uriparserdir/lib -luriparser"]
+        [test "$with_uriparser_dir" != "no"],
+        [[CFLAGS="$CFLAGS -I$with_uriparser_dir/include"]
+         [LDFLAGS="$LDFLAGS -L$with_uriparser_dir/lib -luriparser"]
          AC_CHECK_LIB(
               [uriparser], 
               [uriParseUriA],
@@ -165,13 +170,13 @@ AC_ARG_WITH([uriparser-dir],
 AC_ARG_WITH([libcoap-dir],
  [AS_HELP_STRING([--with-libcoap-dir],
 				 [enable support for ESToCoAP using libcoap library])],
- [libcoapdir="$withval"],
- [with_libcoapdir=no])          
+ [],
+ [with_libcoap_dir=no])
 
   AS_IF(
-        [test "x$with_libcoapdir" != xno],
-        [[CFLAGS="$CFLAGS -I$libcoapdir/include"]
-         [LDFLAGS="$LDFLAGS -L$libcoapdir/lib -lcoap-2-openssl"]
+        [test "$with_libcoap_dir" != "no"],
+        [[CFLAGS="$CFLAGS -I$with_libcoap_dir/include"]
+         [LDFLAGS="$LDFLAGS -L$with_libcoap_dir/lib -lcoap-2-openssl"]
          AC_CHECK_LIB(
               [coap-2-openssl], 
               [coap_startup],
@@ -183,20 +188,50 @@ AC_ARG_WITH([libcoap-dir],
         ]
        )
 
-SAFEC_STUB_DIR='$(abs_top_builddir)/safe_c_stub'
-AC_SUBST(SAFEC_STUB_DIR)
-safecdir="$SAFEC_STUB_DIR" 
-AC_SUBST([SAFEC_DIR], "$safecdir")
-AC_SUBST([SAFEC_CFLAGS], "$safecdir/include")
-AC_SUBST([SAFEC_LDFLAGS], "$safecdir/lib")
-
-CFLAGS="$CFLAGS -Wall -I$safecdir/include"
-LDFLAGS="$LDFLAGS -L$safecdir/lib"
-LIBS="$LIBS -lsafe_lib"
+AC_ARG_WITH(system-libsafec,
+            AS_HELP_STRING([--with-system-libsafec],
+                           [select to use libsafec installed in the system]),
+            [],
+            [with_system_libsafec="no"])
+
+AC_MSG_CHECKING(which libsafec to use)
+AM_CONDITIONAL([WITH_SYSTEM_LIBSAFEC], [test "$with_system_libsafec" = "yes"])
+AM_COND_IF([WITH_SYSTEM_LIBSAFEC], AC_MSG_RESULT([system]), AC_MSG_RESULT([built-in]))
+AM_COND_IF([WITH_SYSTEM_LIBSAFEC],
+[
+           PKG_CHECK_MODULES([libsafec], [libsafec])
+           LIBS="$LIBS $libsafec_LIBS"
+           CFLAGS="$CFLAGS $libsafec_CFLAGS"
+           CPPFLAGS="$CPPFLAGS $libsafec_CFLAGS"
+],[
+           SAFEC_STUB_DIR='$(abs_top_builddir)/safe_c_stub'
+           AC_SUBST(SAFEC_STUB_DIR)
+           safecdir="$SAFEC_STUB_DIR"
+           AC_SUBST([SAFEC_DIR], "$safecdir")
+           AC_SUBST([SAFEC_CFLAGS], "$safecdir/include")
+           AC_SUBST([SAFEC_LDFLAGS], "$safecdir/lib")
+
+           CFLAGS="$CFLAGS -Wall -I$safecdir/include"
+           LDFLAGS="$LDFLAGS -L$safecdir/lib"
+           LIBS="$LIBS -lsafe_lib"
+])
 
 AC_PREFIX_DEFAULT([/usr/local/est])
 
 cp confdefs.h est_config.h
 
-AC_CONFIG_FILES([Makefile version safe_c_stub/Makefile safe_c_stub/lib/Makefile java/jni/Makefile src/Makefile src/est/Makefile example/client/Makefile example/client-simple/Makefile example/client-brski/Makefile example/server/Makefile example/proxy/Makefile])
+AC_CONFIG_FILES([Makefile version src/Makefile src/est/Makefile])
+AM_COND_IF([ENABLE_JNI],
+           [AC_CONFIG_FILES([java/jni/Makefile])])
+AM_COND_IF([ENABLE_EXAMPLES],
+[
+            AC_CONFIG_FILES([example/client/Makefile example/client-simple/Makefile example/client-brski/Makefile])
+            AM_COND_IF([ENABLE_CLIENT_ONLY],
+                       [],
+                       [AC_CONFIG_FILES([example/server/Makefile example/proxy/Makefile])])
+])
+AM_COND_IF([WITH_SYSTEM_LIBSAFEC],
+           [],
+           [AC_CONFIG_FILES([safe_c_stub/Makefile safe_c_stub/lib/Makefile])])
+
 AC_OUTPUT
diff --git a/java/jni/client.c b/java/jni/client.c
index 9a8a34e..f7aeefc 100644
--- a/java/jni/client.c
+++ b/java/jni/client.c
@@ -130,11 +130,18 @@ static int jni_est_client_X509_REQ_sign (X509_REQ *x, EVP_PKEY *pkey, const EVP_
 {
     int rv;
     EVP_PKEY_CTX *pkctx = NULL;
-    EVP_MD_CTX mctx;
+    EVP_MD_CTX *mctx;
 
-    EVP_MD_CTX_init(&mctx);
+#ifdef HAVE_OLD_OPENSSL
+    EVP_MD_CTX md_ctx;
+    mctx = &md_ctx;
 
-    if (!EVP_DigestSignInit(&mctx, &pkctx, md, NULL, pkey)) {
+    EVP_MD_CTX_init(mctx);
+#else
+    mctx = EVP_MD_CTX_new();
+#endif
+
+    if (!EVP_DigestSignInit(mctx, &pkctx, md, NULL, pkey)) {
         return 0;
     }
 
@@ -150,9 +157,13 @@ static int jni_est_client_X509_REQ_sign (X509_REQ *x, EVP_PKEY *pkey, const EVP_
     x->req_info->enc.modified = 1;
 #endif
 
-    rv = X509_REQ_sign_ctx(x, &mctx);
+    rv = X509_REQ_sign_ctx(x, mctx);
 
-    EVP_MD_CTX_cleanup(&mctx);
+#ifdef HAVE_OLD_OPENSSL
+    EVP_MD_CTX_cleanup(mctx);
+#else
+    EVP_MD_CTX_free(mctx);
+#endif
 
     return (rv);
 }
diff --git a/src/est/est_server_http.c b/src/est/est_server_http.c
index 2a2de1f..4ce73c9 100644
--- a/src/est/est_server_http.c
+++ b/src/est/est_server_http.c
@@ -36,15 +36,15 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 
-#include "safe_lib.h"
-#include "safe_str_lib.h"
-#include "safe_mem_lib.h"
 #ifdef WIN32
 #include <WS2tcpip.h>
 #endif 
 #include <openssl/err.h>
 #include <openssl/ssl.h>
 #include <openssl/x509v3.h>
+#include "safe_lib.h"
+#include "safe_str_lib.h"
+#include "safe_mem_lib.h"
 #if defined(_WIN32)
 #define _CRT_SECURE_NO_WARNINGS // Disable deprecation warning in VS2005
 #else