I am not sure of the circumstances that lead to this happening, but SSL_get_ex_data can return null, which causes a crash in tls.vibe.stream.openssl.OpenSSLContext.verify_callback when it tries to use vdata. I haven't been able to find something that can reproduce it reliably, but I've seen it happen a few times.

Which OpenSSL version ? Did you see it with v0.9.5 as well ?

OpenSSL 1.1.1l. I didn't test it with 0.9.5, but vibe.d still doesn't check if that function encountered an error, so I doubt it has changed at all