diff --git a/src/ngx_http_voms_module.cpp b/src/ngx_http_voms_module.cpp
index 29ae6a9855c42b5dedd966fb96c806ce8cbe6638..bee998fc68e5edb6f9d41bd7a342798ac53fc3e5 100644
--- a/src/ngx_http_voms_module.cpp
+++ b/src/ngx_http_voms_module.cpp
@@ -266,6 +266,11 @@ static MaybeVomsAc retrieve_voms_ac_from_proxy(ngx_http_request_t* r)
     return boost::none;
   }
 
+  if (!r->connection->ssl) {
+    ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "plain HTTP request");
+    return boost::none;
+  }
+
   auto client_cert = X509Ptr{
       SSL_get_peer_certificate(r->connection->ssl->connection), X509_free};
   if (!client_cert) {
diff --git a/t/no_ssl.t b/t/no_ssl.t
index ea3fea82ba08b7f38694671798c69ab5b26fa0c0..c4ef07eb3aefa3a6c30aa507977ca12a06609fd4 100644
--- a/t/no_ssl.t
+++ b/t/no_ssl.t
@@ -12,7 +12,7 @@ __DATA__
     server {
         error_log logs/error.log debug;
         listen 8443;
-	location = / {
+        location = / {
             default_type text/plain;
             echo $voms_user;
         }
diff --git a/t/ssl_log_voms_plain_http.t b/t/ssl_log_voms_plain_http.t
new file mode 100644
index 0000000000000000000000000000000000000000..1989c41f1a81397ded908dd3b19bf8279f61361a
--- /dev/null
+++ b/t/ssl_log_voms_plain_http.t
@@ -0,0 +1,61 @@
+
+# This test is always successful because, for some reason (a bug?)
+# the error.log as seen in Test::Nginx doesn't contain the entries for
+# the master process, although they are evailable in the actual file.
+# As a consequence the no_error_log check is always satisfied,
+# even if the segmentation fault were present
+
+use Test::Nginx::Socket 'no_plan';
+
+master_on();
+
+run_tests();
+
+__DATA__
+
+=== TEST 1: SSL server, logging a VOMS variabile, but plain HTTP request
+--- main_config
+    env X509_VOMS_DIR=t/vomsdir;
+--- http_config
+    log_format voms '$remote_addr - $remote_user [$time_local] '
+                    '"$request" $status $body_bytes_sent '
+                    '"$http_referer" "$http_user_agent" '
+                    '[$voms_user]';
+    server {
+        error_log logs/error.log debug;
+        access_log logs/access.log voms;
+        listen 8443 ssl;
+        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
+        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
+        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
+        ssl_verify_depth 10;
+	    location = / {
+            default_type text/plain;
+            echo $voms_user;
+        }
+    }
+--- config
+    location = /lua {
+        error_log logs/error-proxy.log debug;
+        access_log logs/access-proxy.log;
+        content_by_lua_block {
+            local sock = ngx.socket.tcp()
+            local ok, err = sock:connect("127.0.0.1", 8443)
+            if not ok then
+                ngx.say("failed to connect to upstream: ", err)
+                return
+            end
+            ngx.say("successfully connected to upstream!")
+            sock:send("G")
+            sock:close()
+        }
+    }
+--- request
+GET /lua
+--- error_log
+client prematurely closed connection
+retrieve_voms_ac_from_proxy
+plain http
+--- no_error_log
+signal 11
+--- error_code: 200