OpenSSL1.0.2 vulnerability with ssl_verify_client disabled

ahoffmann nginx-forum at forum.nginx.org
Wed May 26 14:08:29 UTC 2021


Hello all,

regarding more specifically the vulnerability described by CVE-2020-1971,
would my NGINX server be affected by this vulnerability even if I have
ssl_verify_client off?

Many Thanks in advance.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291662,291662#msg-291662



More information about the nginx mailing list