If you are not using an official OpenResty release, then you need to apply our NGINX core patches to support yielding operations in lua module's ssl_session_fetch_by_lua* and ssl_certificate_by_lua* directives. OpenResty releases after 188.8.131.52 already include these patches. If you are building your own Nginx with OpenResty's lua modules, then you will have to apply the patches yourself:
Additionally, note that if you are using OpenSSL versions older than 1.1.1 such
as 1.1.0 or 1.0.2, then you must also apply our OpenSSL
openresty-openssl pre-built packages
already include these patches.