diff -ur nginx-1.12.2-wolfssl/auto/options nginx-1.12.2-wolfssl-debug/auto/options
--- nginx-1.12.2-wolfssl/auto/options	2018-02-02 11:13:34.994958124 +1000
+++ nginx-1.12.2-wolfssl-debug/auto/options	2018-02-02 11:13:06.954847473 +1000
@@ -143,7 +143,6 @@
 
 USE_OPENSSL=NO
 OPENSSL=NONE
-WOLFSSL=NONE
 
 USE_ZLIB=NO
 ZLIB=NONE
@@ -346,7 +345,6 @@
         --with-pcre-opt=*)               PCRE_OPT="$value"          ;;
         --with-pcre-jit)                 PCRE_JIT=YES               ;;
 
-        --with-wolfssl=*)                WOLFSSL="$value"           ;;
         --with-openssl=*)                OPENSSL="$value"           ;;
         --with-openssl-opt=*)            OPENSSL_OPT="$value"       ;;
 
@@ -565,7 +563,6 @@
   --with-libatomic                   force libatomic_ops library usage
   --with-libatomic=DIR               set path to libatomic_ops library sources
 
-  --with-wolfssl=DIR                 set path to wolfSSL headers and library
   --with-openssl=DIR                 set path to OpenSSL library sources
   --with-openssl-opt=OPTIONS         set additional build options for OpenSSL
 
diff -ur nginx-1.12.2-wolfssl/src/event/ngx_event_openssl.c nginx-1.12.2-wolfssl-debug/src/event/ngx_event_openssl.c
--- nginx-1.12.2-wolfssl/src/event/ngx_event_openssl.c	2018-02-02 11:13:34.994958124 +1000
+++ nginx-1.12.2-wolfssl-debug/src/event/ngx_event_openssl.c	2018-02-02 11:13:47.819009306 +1000
@@ -144,6 +144,11 @@
 
 #endif
 
+#ifdef WOLFSSL_NGINX
+    /* Turn on internal wolfssl debugging to stdout */
+    wolfSSL_Debugging_ON();
+#endif
+
 #if OPENSSL_VERSION_NUMBER >= 0x0090800fL
 #ifndef SSL_OP_NO_COMPRESSION
     {
@@ -340,10 +345,6 @@
 
     SSL_CTX_set_info_callback(ssl->ctx, ngx_ssl_info_callback);
 
-#ifdef WOLFSSL_NGINX
-    SSL_CTX_set_verify(ssl->ctx, SSL_VERIFY_NONE, NULL);
-#endif
-
     return NGX_OK;
 }
 
@@ -652,14 +653,6 @@
 
 
 ngx_int_t
-ngx_ssl_set_verify_on(ngx_conf_t *cf, ngx_ssl_t *ssl)
-{
-    SSL_CTX_set_verify(ssl->ctx, SSL_VERIFY_PEER, ngx_ssl_verify_callback);
-
-    return NGX_OK;
-}
-
-ngx_int_t
 ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
     ngx_int_t depth)
 {
@@ -1094,7 +1087,7 @@
      * maximum interoperability.
      */
 
-#if defined(SSL_CTRL_SET_CURVES_LIST) || defined(WOLFSSL_NGINX)
+#ifdef SSL_CTRL_SET_CURVES_LIST
 
     /*
      * OpenSSL 1.0.2+ allows configuring a curve list instead of a single
@@ -3062,8 +3055,7 @@
             return -1;
         }
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L && \
-    (!defined(WOLFSSL_NGINX) || !defined(HAVE_FIPS))
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
         if (HMAC_Init_ex(hctx, key[0].hmac_key, size, digest, NULL) != 1) {
             ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "HMAC_Init_ex() failed");
             return -1;
@@ -3107,8 +3099,7 @@
             size = 32;
         }
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L && \
-    (!defined(WOLFSSL_NGINX) || !defined(HAVE_FIPS))
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
         if (HMAC_Init_ex(hctx, key[i].hmac_key, size, digest, NULL) != 1) {
             ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "HMAC_Init_ex() failed");
             return -1;
diff -ur nginx-1.12.2-wolfssl/src/event/ngx_event_openssl.h nginx-1.12.2-wolfssl-debug/src/event/ngx_event_openssl.h
--- nginx-1.12.2-wolfssl/src/event/ngx_event_openssl.h	2018-02-02 11:13:34.994958124 +1000
+++ nginx-1.12.2-wolfssl-debug/src/event/ngx_event_openssl.h	2018-02-02 11:13:06.958847490 +1000
@@ -12,9 +12,6 @@
 #include <ngx_config.h>
 #include <ngx_core.h>
 
-#ifdef WOLFSSL_NGINX
-#include <wolfssl/options.h>
-#endif
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/bn.h>
@@ -150,7 +147,6 @@
     ngx_str_t *cert, ngx_str_t *key, ngx_array_t *passwords);
 ngx_int_t ngx_ssl_ciphers(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *ciphers,
     ngx_uint_t prefer_server_ciphers);
-ngx_int_t ngx_ssl_set_verify_on(ngx_conf_t *cf, ngx_ssl_t *ssl);
 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
     ngx_str_t *cert, ngx_int_t depth);
 ngx_int_t ngx_ssl_trusted_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
diff -ur nginx-1.12.2-wolfssl/src/event/ngx_event_openssl_stapling.c nginx-1.12.2-wolfssl-debug/src/event/ngx_event_openssl_stapling.c
--- nginx-1.12.2-wolfssl/src/event/ngx_event_openssl_stapling.c	2018-02-02 11:13:34.994958124 +1000
+++ nginx-1.12.2-wolfssl-debug/src/event/ngx_event_openssl_stapling.c	2018-02-02 11:13:06.958847490 +1000
@@ -313,9 +313,7 @@
     for (i = 0; i < n; i++) {
         issuer = sk_X509_value(chain, i);
         if (X509_check_issued(issuer, cert) == X509_V_OK) {
-#ifdef WOLFSSL_NGINX
-            issuer = X509_dup(issuer);
-#elif OPENSSL_VERSION_NUMBER >= 0x10100001L
+#if OPENSSL_VERSION_NUMBER >= 0x10100001L
             X509_up_ref(issuer);
 #else
             CRYPTO_add(&issuer->references, 1, CRYPTO_LOCK_X509);
diff -ur nginx-1.12.2-wolfssl/src/http/modules/ngx_http_proxy_module.c nginx-1.12.2-wolfssl-debug/src/http/modules/ngx_http_proxy_module.c
--- nginx-1.12.2-wolfssl/src/http/modules/ngx_http_proxy_module.c	2018-02-02 11:13:34.994958124 +1000
+++ nginx-1.12.2-wolfssl-debug/src/http/modules/ngx_http_proxy_module.c	2018-02-02 11:13:06.962847505 +1000
@@ -4371,8 +4371,6 @@
             return NGX_ERROR;
         }
 
-        ngx_ssl_set_verify_on(cf, plcf->upstream.ssl);
-
         if (ngx_ssl_trusted_certificate(cf, plcf->upstream.ssl,
                                         &plcf->ssl_trusted_certificate,
                                         plcf->ssl_verify_depth)
diff -ur nginx-1.12.2-wolfssl/src/http/modules/ngx_http_ssl_module.c nginx-1.12.2-wolfssl-debug/src/http/modules/ngx_http_ssl_module.c
--- nginx-1.12.2-wolfssl/src/http/modules/ngx_http_ssl_module.c	2018-02-02 11:13:34.994958124 +1000
+++ nginx-1.12.2-wolfssl-debug/src/http/modules/ngx_http_ssl_module.c	2018-02-02 11:13:06.962847505 +1000
@@ -14,11 +14,7 @@
     ngx_pool_t *pool, ngx_str_t *s);
 
 
-#ifndef WOLFSSL_NGINX
 #define NGX_DEFAULT_CIPHERS     "HIGH:!aNULL:!MD5"
-#else
-#define NGX_DEFAULT_CIPHERS     "ALL"
-#endif
 #define NGX_DEFAULT_ECDH_CURVE  "auto"
 
 #define NGX_HTTP_NPN_ADVERTISE  "\x08http/1.1"
diff -ur nginx-1.12.2-wolfssl/src/mail/ngx_mail_ssl_module.c nginx-1.12.2-wolfssl-debug/src/mail/ngx_mail_ssl_module.c
--- nginx-1.12.2-wolfssl/src/mail/ngx_mail_ssl_module.c	2018-02-02 11:13:34.998958139 +1000
+++ nginx-1.12.2-wolfssl-debug/src/mail/ngx_mail_ssl_module.c	2018-02-02 11:13:06.966847521 +1000
@@ -10,11 +10,7 @@
 #include <ngx_mail.h>
 
 
-#ifndef WOLFSSL_NGINX
 #define NGX_DEFAULT_CIPHERS     "HIGH:!aNULL:!MD5"
-#else
-#define NGX_DEFAULT_CIPHERS     "ALL"
-#endif
 #define NGX_DEFAULT_ECDH_CURVE  "auto"
 
 
diff -ur nginx-1.12.2-wolfssl/src/stream/ngx_stream_proxy_module.c nginx-1.12.2-wolfssl-debug/src/stream/ngx_stream_proxy_module.c
--- nginx-1.12.2-wolfssl/src/stream/ngx_stream_proxy_module.c	2018-02-02 11:13:34.998958139 +1000
+++ nginx-1.12.2-wolfssl-debug/src/stream/ngx_stream_proxy_module.c	2018-02-02 11:13:06.970847536 +1000
@@ -2005,8 +2005,6 @@
             return NGX_ERROR;
         }
 
-        ngx_ssl_set_verify_on(cf, pscf->ssl);
-
         if (ngx_ssl_trusted_certificate(cf, pscf->ssl,
                                         &pscf->ssl_trusted_certificate,
                                         pscf->ssl_verify_depth)
diff -ur nginx-1.12.2-wolfssl/src/stream/ngx_stream_ssl_module.c nginx-1.12.2-wolfssl-debug/src/stream/ngx_stream_ssl_module.c
--- nginx-1.12.2-wolfssl/src/stream/ngx_stream_ssl_module.c	2018-02-02 11:13:34.998958139 +1000
+++ nginx-1.12.2-wolfssl-debug/src/stream/ngx_stream_ssl_module.c	2018-02-02 11:13:06.970847536 +1000
@@ -14,11 +14,7 @@
     ngx_pool_t *pool, ngx_str_t *s);
 
 
-#ifndef WOLFSSL_NGINX
 #define NGX_DEFAULT_CIPHERS     "HIGH:!aNULL:!MD5"
-#else
-#define NGX_DEFAULT_CIPHERS     "ALL"
-#endif
 #define NGX_DEFAULT_ECDH_CURVE  "auto"