diff --git a/lib/secure-streams/secure-streams.c b/lib/secure-streams/secure-streams.c
index edb0f6900..fdfa3dd6b 100644
--- a/lib/secure-streams/secure-streams.c
+++ b/lib/secure-streams/secure-streams.c
@@ -714,6 +714,7 @@ lws_ss_create(struct lws_context *context, int tsi, const lws_ss_info_t *ssi,
 		*ppp = NULL;
 		i.pprotocols = pprot;
 
+#if defined(LWS_WITH_TLS)
 		if (h->policy->flags & LWSSSPOLF_TLS) {
 			i.options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
 			i.server_ssl_cert_mem =
@@ -725,6 +726,7 @@ lws_ss_create(struct lws_context *context, int tsi, const lws_ss_info_t *ssi,
 			i.server_ssl_private_key_mem_len = (unsigned int)
 				h->policy->trust.server.key->ca_der_len;
 		}
+#endif
 
 		vho = lws_create_vhost(context, &i);
 		if (!vho) {
diff --git a/minimal-examples/http-server/minimal-http-server-cgi/minimal-http-server.c b/minimal-examples/http-server/minimal-http-server-cgi/minimal-http-server.c
index 62a453a48..1e8bc91e4 100644
--- a/minimal-examples/http-server/minimal-http-server-cgi/minimal-http-server.c
+++ b/minimal-examples/http-server/minimal-http-server-cgi/minimal-http-server.c
@@ -82,11 +82,13 @@ int main(int argc, const char **argv)
 	info.options =
 		LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE;
 
+#if defined(LWS_WITH_TLS)
 	if (lws_cmdline_option(argc, argv, "-s")) {
 		info.options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
 		info.ssl_cert_filepath = "localhost-100y.cert";
 		info.ssl_private_key_filepath = "localhost-100y.key";
 	}
+#endif
 
 	context = lws_create_context(&info);
 	if (!context) {
diff --git a/minimal-examples/http-server/minimal-http-server-eventlib-foreign/CMakeLists.txt b/minimal-examples/http-server/minimal-http-server-eventlib-foreign/CMakeLists.txt
index 20abc1920..5bba0c5d8 100644
--- a/minimal-examples/http-server/minimal-http-server-eventlib-foreign/CMakeLists.txt
+++ b/minimal-examples/http-server/minimal-http-server-eventlib-foreign/CMakeLists.txt
@@ -13,6 +13,7 @@ set(requirements 1)
 require_pthreads(requirements)
 require_lws_config(LWS_ROLE_H1 1 requirements)
 require_lws_config(LWS_WITH_SERVER 1 requirements)
+require_lws_config(LWS_WITH_TLS 1 requirements)
 
 CHECK_C_SOURCE_COMPILES("#include <libwebsockets.h>\nint main(void) {\n#if defined(LWS_WITH_LIBUV)\n return 0;\n#else\n fail;\n#endif\n return 0;\n}\n" LWS_WITH_LIBUV)
 CHECK_C_SOURCE_COMPILES("#include <libwebsockets.h>\nint main(void) {\n#if defined(LWS_WITH_LIBEVENT)\n return 0;\n#else\n fail;\n#endif\n return 0;\n}\n" LWS_WITH_LIBEVENT)
diff --git a/minimal-examples/raw/minimal-raw-proxy-fallback/minimal-raw-proxy-fallback.c b/minimal-examples/raw/minimal-raw-proxy-fallback/minimal-raw-proxy-fallback.c
index 98572aedc..ef94fad9a 100644
--- a/minimal-examples/raw/minimal-raw-proxy-fallback/minimal-raw-proxy-fallback.c
+++ b/minimal-examples/raw/minimal-raw-proxy-fallback/minimal-raw-proxy-fallback.c
@@ -106,6 +106,7 @@ int main(int argc, const char **argv)
 	info.listen_accept_role = "raw-proxy";
 	info.listen_accept_protocol = "raw-proxy";
 
+#if defined(LWS_WITH_TLS)
 	if (lws_cmdline_option(argc, argv, "-s")) {
 		info.options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT |
 				LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT;
@@ -118,6 +119,7 @@ int main(int argc, const char **argv)
 		if (lws_cmdline_option(argc, argv, "-h"))
 			info.options |= LWS_SERVER_OPTION_ALLOW_HTTP_ON_HTTPS_LISTENER;
 	}
+#endif
 
 	context = lws_create_context(&info);
 	if (!context) {