diff --git a/src/quic_ssl.c b/src/quic_ssl.c
index 79c56d3bb..73b19bfa1 100644
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@@ -452,6 +452,8 @@ int ssl_quic_initial_ctx(struct bind_conf *bind_conf)
 #if !defined(HAVE_SSL_0RTT_QUIC)
 		ha_warning("Binding [%s:%d] for %s %s: 0-RTT with QUIC is not supported by this SSL library, ignored.\n",
 		           bind_conf->file, bind_conf->line, proxy_type_str(bind_conf->frontend), bind_conf->frontend->id);
+#elif defined(OPENSSL_IS_BORINGSSL) || defined(USE_OPENSSL_AWSLC)
+		SSL_CTX_set_early_data_enabled(ctx, 1);
 #else
 		SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
 		SSL_CTX_set_max_early_data(ctx, 0xffffffff);
diff --git a/src/ssl_clienthello.c b/src/ssl_clienthello.c
index 9ada252ea..1d5b8fa1b 100644
--- a/src/ssl_clienthello.c
+++ b/src/ssl_clienthello.c
@@ -534,14 +534,6 @@ sni_lookup:
 		return SSL_TLSEXT_ERR_ALERT_FATAL;
 	}
 
-#if defined(OPENSSL_IS_AWSLC)
-	/* Note that ssl_sock_switchctx_set() calls SSL_set_SSL_CTX() which propagates the
-	 * "early data enabled" setting from the SSL_CTX object to the SSL objects.
-	 * So enable early data for this SSL_CTX context if configured.
-	 */
-	if (s->ssl_conf.early_data)
-		SSL_CTX_set_early_data_enabled(container_of(node, struct sni_ctx, name)->ctx, 1);
-#endif
 	/* switch ctx */
 	ssl_sock_switchctx_set(ssl, container_of(node, struct sni_ctx, name)->ctx);
 	HA_RWLOCK_RDUNLOCK(SNI_LOCK, &s->sni_lock);
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 904aa3a75..91c0dec6e 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3441,6 +3441,8 @@ ssl_sock_initial_ctx(struct bind_conf *bind_conf)
 # if defined(OPENSSL_IS_BORINGSSL) || defined(USE_OPENSSL_AWSLC)
 	SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
 	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
+	if (bind_conf->ssl_conf.early_data)
+		SSL_CTX_set_early_data_enabled(ctx, 1);
 # elif defined(HAVE_SSL_CLIENT_HELLO_CB)
 #  if defined(SSL_OP_NO_ANTI_REPLAY)
 	if (bind_conf->ssl_conf.early_data)