OpenSSL1.0.2 vulnerability with ssl_verify_client disabled

ahoffmann nginx-forum at
Wed May 26 14:08:29 UTC 2021

Hello all,

regarding more specifically the vulnerability described by CVE-2020-1971,
would my NGINX server be affected by this vulnerability even if I have
ssl_verify_client off?

Many Thanks in advance.

Posted at Nginx Forum:,291662,291662#msg-291662

More information about the nginx mailing list