OpenSSL1.0.2 vulnerability with ssl_verify_client disabled

ahoffmann nginx-forum at forum.nginx.org
Wed May 26 14:08:29 UTC 2021

Previous message (by thread): Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container
Next message (by thread): Request for comments on Nginx configuration
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello all,

regarding more specifically the vulnerability described by CVE-2020-1971,
would my NGINX server be affected by this vulnerability even if I have
ssl_verify_client off?

Many Thanks in advance.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291662,291662#msg-291662

Previous message (by thread): Help: Using Nginx Reverse Proxy bypass traffic in to a application running in a container
Next message (by thread): Request for comments on Nginx configuration
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nginx mailing list