There is no need to retain $ssl1. The only requirement is that both $ssl objects come from the same $ctx.