diff --git a/run-ci.sh b/run-ci.sh
index 66bbac2..c9812b3 100755
--- a/run-ci.sh
+++ b/run-ci.sh
@@ -22,6 +22,11 @@ if [[ $PARTS =~ (^|,)builds(,|$) ]]; then
         dub build --combined --arch=x86
         dub clean --all-packages
     fi
+
+    # test for successful notls build
+    if [ "$DC" == "dmd" ]; then
+        dub build --override-config vibe-stream:tls/notls
+    fi
 fi
 
 if [[ $PARTS =~ (^|,)unittests(,|$) ]]; then
diff --git a/source/vibe/http/internal/http1/server.d b/source/vibe/http/internal/http1/server.d
index 55cee71..b164bd2 100644
--- a/source/vibe/http/internal/http1/server.d
+++ b/source/vibe/http/internal/http1/server.d
@@ -43,7 +43,7 @@ void handleHTTP1Connection(TLSStreamType)(TCPConnection connection, TLSStreamTyp
 		HTTPServerSettings settings;
 		bool keep_alive;
 
-		version(HaveNoTLS) {} else {
+		static if (HaveNoTLS) {} else {
 			// handle oderly TLS shutdowns
 			if (tls_stream && tls_stream.empty) break;
 		}
@@ -108,7 +108,7 @@ private bool handleRequest(TLSStreamType, Allocator)(StreamProxy http_stream, TC
 	auto res = FreeListRef!HTTPServerResponse(exchange, settings, request_allocator/*.Scoped_payload*/);
 	req.tls = res.m_tls = listen_info.tlsContext !is null;
 	if (req.tls) {
-		version (HaveNoTLS) assert(false);
+		static if (HaveNoTLS) assert(false);
 		else {
 			static if (is(InterfaceProxy!ConnectionStream == ConnectionStream))
 				req.clientCertificate = (cast(TLSStream)http_stream).peerCertificate;
diff --git a/source/vibe/http/internal/http2/exchange.d b/source/vibe/http/internal/http2/exchange.d
index 555a02b..677cfe7 100644
--- a/source/vibe/http/internal/http2/exchange.d
+++ b/source/vibe/http/internal/http2/exchange.d
@@ -196,7 +196,7 @@ bool handleHTTP2Request(UStream)(ref HTTP2ConnectionStream!UStream stream,
 	req.tls = istls;
 
 	if (req.tls) {
-		version (HaveNoTLS) assert(false);
+		static if (HaveNoTLS) assert(false);
 		else {
 			static if (is(InterfaceProxy!Stream == Stream))
 				req.clientCertificate = (cast(TLSStream)stream.connection).peerCertificate;
diff --git a/source/vibe/http/server.d b/source/vibe/http/server.d
index 80d94cc..70bfdbd 100644
--- a/source/vibe/http/server.d
+++ b/source/vibe/http/server.d
@@ -47,10 +47,10 @@ import std.typecons;
 import std.uri;
 
 
-version (VibeNoSSL) version = HaveNoTLS;
-else version (Have_botan) {}
-else version (Have_openssl) {}
-else version = HaveNoTLS;
+version (VibeNoSSL) enum HaveNoTLS = true;
+else version (Have_botan) enum HaveNoTLS = false;
+else version (Have_openssl) enum HaveNoTLS = false;
+else enum HaveNoTLS = true;
 
 /**************************************************************************************************/
 /* Public functions                                                                               */
@@ -198,7 +198,7 @@ void handleHTTPConnection(TCPConnection connection, HTTPServerContext context)
 	import vibe.http.internal.http2.server : handleHTTP2Connection;
 	import vibe.http.internal.http2.settings : HTTP2ServerContext, HTTP2Settings;
 
-	version(HaveNoTLS) {
+	static if (HaveNoTLS) {
 		alias TLSStreamType = Stream;
 	} else {
 		alias TLSStreamType = ReturnType!(createTLSStreamFL!(InterfaceProxy!Stream));
@@ -231,7 +231,7 @@ void handleHTTPConnection(TCPConnection connection, HTTPServerContext context)
 
 	// If this is a HTTPS server, initiate TLS
 	if (context.tlsContext) {
-		version (HaveNoTLS) assert(false, "No TLS support compiled in.");
+		static if (HaveNoTLS) assert(false, "No TLS support compiled in.");
 		else {
 			logDebug("Accept TLS connection: %s", context.tlsContext.kind);
 			// TODO: reverse DNS lookup for peer_name of the incoming connection for TLS client certificate verification purposes