A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0but was omitted from OpenSSL 1.0.2i. As a result any attempt to useCRLs in OpenSSL 1.0.2i will crash with a null pointer exception. OpenSSL 1.0.2i users should upgrade to 1.0.2j Reference: