diff --git a/images/macos/scripts/build/install-openssl.sh b/images/macos/scripts/build/install-openssl.sh
index b463879de05c..7f66940995b3 100644
--- a/images/macos/scripts/build/install-openssl.sh
+++ b/images/macos/scripts/build/install-openssl.sh
@@ -8,20 +8,24 @@ source ~/utils/utils.sh
 
 echo "Install openssl@1.1"
 
-openssl_pkg=$(download_with_retry "https://www.openssl.org/source/openssl-1.1.1w.tar.gz")
-tar -xvf $openssl_pkg
-cd openssl-1.1.1w
-./config --prefix=/usr/local/openssl
-make
-sudo make install
-export OPENSSL="/usr/local/openssl/bin"
-echo "export OPENSSL=${OPENSSL}" >> ${HOME}/.bashrc
+COMMIT=d91dabd087cb0b906c92a825df9e5e5e1a4f59f8
+FORMULA_URL="https://raw.githubusercontent.com/Homebrew/homebrew-core/$COMMIT/Formula/o/openssl@1.1.rb"
+FORMULA_PATH="$(brew --repository)/Library/Taps/homebrew/homebrew-core/Formula/o/openssl@1.1.rb"
+mkdir -p "$(dirname $FORMULA_PATH)"
+curl -fsSL $FORMULA_URL -o $FORMULA_PATH
+HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALL_FROM_API=1 brew install openssl@1.1
 
 if ! is_Arm64; then
-  ln -sf ${OPENSSL}/openssl /usr/local/bin/openssl
-  ln -sf ${OPENSSL}/openssl /usr/local/opt/openssl
+  # Symlink brew openssl@1.1 to `/usr/local/bin` as Homebrew refuses
+  ln -sf $(brew --prefix openssl@1.1)/bin/openssl /usr/local/bin/openssl
 else
-  ln -sf ${OPENSSL}/openssl /opt/homebrew/bin/openssl
+  # arm64 has a different installation prefix for brew
+  ln -sf $(brew --prefix openssl@1.1)/bin/openssl /opt/homebrew/bin/openssl
+fi
+
+if ! is_Arm64; then
+  # Most of build systems and scripts look up ssl here
+  ln -sf $(brew --cellar openssl@1.1)/1.1* /usr/local/opt/openssl
 fi
 
 invoke_tests "OpenSSL"
diff --git a/images/macos/scripts/tests/OpenSSL.Tests.ps1 b/images/macos/scripts/tests/OpenSSL.Tests.ps1
index bbd23474f5dc..1fb8886a8a1a 100644
--- a/images/macos/scripts/tests/OpenSSL.Tests.ps1
+++ b/images/macos/scripts/tests/OpenSSL.Tests.ps1
@@ -7,6 +7,13 @@ Describe "OpenSSL" {
         }
     }
 
+    Context "OpenSSL 1.1 Path Check" {
+        It "OpenSSL 1.1 path exists" {
+            $openSSLpath = brew --prefix openssl@1.1
+            $openSSLpath | Should -Exist
+        }
+    }
+
     Context "OpenSSL 1.1 is default" {
         It "Default OpenSSL version is 1.1" {
             $commandResult = Get-CommandResult "openssl version"