diff --git a/reg-tests/jwt/jws_verify.vtc b/reg-tests/jwt/jws_verify.vtc
index 3aaf8d8b7..d9a6328f3 100644
--- a/reg-tests/jwt/jws_verify.vtc
+++ b/reg-tests/jwt/jws_verify.vtc
@@ -265,7 +265,8 @@ client c12 -connect ${h1_mainfe_sock} {
     rxresp
     expect resp.status == 200
     expect resp.http.x-jwt-alg == "ES512"
-    expect resp.http.x-jwt-verify-ES512 == "0"
+    # Invalid token
+    expect resp.http.x-jwt-verify-ES512 == "-3"
 } -run
 
 
diff --git a/src/jwt.c b/src/jwt.c
index a17af1847..b901588db 100644
--- a/src/jwt.c
+++ b/src/jwt.c
@@ -331,7 +331,7 @@ jwt_jwsverify_rsa_ecdsa(const struct jwt_ctx *ctx, struct buffer *decoded_signat
 	 */
 	if (is_ecdsa) {
 		int conv_retval = convert_ecdsa_sig(ctx, entry->pkey, decoded_signature);
-		if (retval != 0) {
+		if (conv_retval != 0) {
 			retval = conv_retval;
 			goto end;
 		}