diff --git a/patches/nginx-1.17.1-ssl_cert_cb_yield.patch b/patches/nginx-1.17.1-ssl_cert_cb_yield.patch
index e394039..89773c0 100644
--- a/patches/nginx-1.17.1-ssl_cert_cb_yield.patch
+++ b/patches/nginx-1.17.1-ssl_cert_cb_yield.patch
@@ -14,9 +14,9 @@ Here we added support for such usage in NGINX 3rd-party modules
 connections.
 
 diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
---- a/src/event/ngx_event_openssl.c	Thu Dec 17 16:39:15 2015 +0300
-+++ b/src/event/ngx_event_openssl.c	Sat Jan 02 11:14:44 2016 -0800
-@@ -1210,6 +1210,23 @@
+--- a/src/event/ngx_event_openssl.c Thu Dec 17 16:39:15 2015 +0300
++++ b/src/event/ngx_event_openssl.c Sat Jan 02 11:14:44 2016 -0800
+@@ -1445,6 +1445,23 @@ ngx_ssl_handshake(ngx_connection_t *c)
          return NGX_AGAIN;
      }
  
@@ -39,4 +39,26 @@ diff -r 78b4e10b4367 -r 449f0461859c src/event/ngx_event_openssl.c
 +
      err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
  
+     c->ssl->no_wait_shutdown = 1;
+@@ -1558,6 +1575,21 @@ ngx_ssl_try_early_data(ngx_connection_t *c)
+         return NGX_AGAIN;
+     }
+ 
++    if (sslerr == SSL_ERROR_WANT_X509_LOOKUP) {
++        c->read->handler = ngx_ssl_handshake_handler;
++        c->write->handler = ngx_ssl_handshake_handler;
++
++        if (ngx_handle_read_event(c->read, 0) != NGX_OK) {
++            return NGX_ERROR;
++        }
++
++        if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
++            return NGX_ERROR;
++        }
++
++        return NGX_AGAIN;
++    }
++
+     err = (sslerr == SSL_ERROR_SYSCALL) ? ngx_errno : 0;
+ 
      c->ssl->no_wait_shutdown = 1;