diff --git a/patches/nginx/1.27.1/nginx-1.27.1-proxy_ssl_verify_cb_yield.patch b/patches/nginx/1.27.1/nginx-1.27.1-proxy_ssl_verify_cb_yield.patch
new file mode 100644
index 0000000..a067e9d
--- /dev/null
+++ b/patches/nginx/1.27.1/nginx-1.27.1-proxy_ssl_verify_cb_yield.patch
@@ -0,0 +1,51 @@
+diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
+index 9e8f424..8be4537 100644
+--- a/src/event/ngx_event_openssl.c
++++ b/src/event/ngx_event_openssl.c
+@@ -1921,6 +1921,9 @@ ngx_ssl_handshake(ngx_connection_t *c)
+ # endif
+ # ifdef SSL_ERROR_WANT_CLIENT_HELLO_CB
+ || sslerr == SSL_ERROR_WANT_CLIENT_HELLO_CB
++# endif
++# ifdef SSL_ERROR_WANT_RETRY_VERIFY
++ || sslerr == SSL_ERROR_WANT_RETRY_VERIFY
+ # endif
+ )
+ {
+@@ -2135,6 +2138,23 @@ ngx_ssl_try_early_data(ngx_connection_t *c)
+ }
+ #endif
+
++#ifdef SSL_ERROR_WANT_RETRY_VERIFY
++ if (sslerr == SSL_ERROR_WANT_RETRY_VERIFY) {
++ c->read->handler = ngx_ssl_handshake_handler;
++ c->write->handler = ngx_ssl_handshake_handler;
++
++ if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
++ return NGX_ERROR;
++ }
++
++ if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
++ return NGX_ERROR;
++ }
++
++ return NGX_AGAIN;
++ }
++#endif
++
+ err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
+
+ c->ssl->no_wait_shutdown = 1;
+diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c
+index c69a476..8309ff4 100644
+--- a/src/http/modules/ngx_http_proxy_module.c
++++ b/src/http/modules/ngx_http_proxy_module.c
+@@ -4987,7 +4987,7 @@ ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf)
+ return NGX_OK;
+ }
+
+- if (ngx_ssl_create(plcf->upstream.ssl, plcf->ssl_protocols, NULL)
++ if (ngx_ssl_create(plcf->upstream.ssl, plcf->ssl_protocols, plcf)
+ != NGX_OK)
+ {
+ return NGX_ERROR;
diff --git a/util/mirror-tarballs b/util/mirror-tarballs
index f7a77a5..5e37f71 100755
--- a/util/mirror-tarballs
+++ b/util/mirror-tarballs
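Review bot: In the `ngx_http_proxy_set_ssl` hunk of the new nginx patch, passing `plcf` instead of `NULL` to `ngx_ssl_create()` attaches a `ngx_http_proxy_loc_conf_t *` to the upstream SSL context, and nothing in the patch says which pointer type a reader of that slot should now expect. In stock nginx the third argument is stored as the context's ex_data under `ngx_ssl_server_conf_index`, the slot that listening-side contexts fill with their server configuration, so code that fetches it and casts without knowing which kind of context it holds would read the wrong structure; the consumer is not part of this patch, so that risk is inferred. I would add a comment above the call, `/* ex_data of an upstream context is the ngx_http_proxy_loc_conf_t, not a server conf */`, and make sure whatever reads the slot tolerates `NULL`, which the previous code passed. The body of `ngx_http_proxy_set_ssl` starts and ends outside the hunk.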
@@ -493,6 +493,13 @@ if [ "$answer" = "Y" ]; then
 echo
 fi
+answer=`$root/util/ver-ge "$main_ver" 1.27.1`
+if [ "$answer" = "Y" ]; then
+ echo "$info_txt applying the proxy_ssl_verify_cb_yield.patch patch to nginx"
+ patch -p1 < $root/patches/nginx/$main_ver/nginx-$main_ver-proxy_ssl_verify_cb_yield.patch
+ echo
+fi
+
 answer=`$root/util/ver-ge "$main_ver" 0.6.18`
 if [ "$answer" = "Y" ]; then
 answer=`$root/util/ver-ge "$main_ver" 1.20.1`
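Review bot: The added `patch -p1 < $root/patches/...` line does not check the exit status, so a missing or rejected patch would leave the nginx tree without the change while the script carries on, unless errexit is enabled somewhere outside this hunk. Because the `ver-ge` test matches every version from 1.27.1 upward and the path is built from `$main_ver`, a later nginx version without its own copy of the patch would hit exactly that case. I would write the line as `patch -p1 < "$root/patches/nginx/$main_ver/nginx-$main_ver-proxy_ssl_verify_cb_yield.patch" || exit 1`, which also quotes the path.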