diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 06d7cabf8..b681d639e 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3654,8 +3654,10 @@ reneg_ok:
 				global.ssl_be_keys_max = global.ssl_be_keys_per_sec.curr_ctr;
 
 			/* check if session was reused, if not store current session on server for reuse */
-			if (objt_server(conn->target)->ssl_ctx.reused_sess)
+			if (objt_server(conn->target)->ssl_ctx.reused_sess) {
 				SSL_SESSION_free(objt_server(conn->target)->ssl_ctx.reused_sess);
+				objt_server(conn->target)->ssl_ctx.reused_sess = NULL;
+			}
 
 			if (!(objt_server(conn->target)->ssl_ctx.options & SRV_SSL_O_NO_REUSE))
 				objt_server(conn->target)->ssl_ctx.reused_sess = SSL_get1_session(conn->xprt_ctx);