diff --git a/include/haproxy/ssl_sock-t.h b/include/haproxy/ssl_sock-t.h
index 8bbbdd71c..d8c261388 100644
--- a/include/haproxy/ssl_sock-t.h
+++ b/include/haproxy/ssl_sock-t.h
@@ -254,6 +254,7 @@ struct ssl_keylog {
 #define SSL_SOCK_F_KTLS_SEND            (1 << 2) /* kTLS send is configured on that socket */
 #define SSL_SOCK_F_KTLS_RECV            (1 << 3) /* kTLS receive is configure on that socket */
 #define SSL_SOCK_F_CTRL_SEND            (1 << 4) /* We want to send a kTLS control message for that socket */
+#define SSL_SOCK_F_HAS_ALPN             (1 << 5) /* An ALPN has been negociated */
 
 struct ssl_sock_ctx {
 	struct connection *conn;
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 8d6e5b000..531bc9330 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2178,6 +2178,13 @@ static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
                                           unsigned int server_len, void *arg)
 {
 	struct ssl_bind_conf *conf = arg;
+	struct connection *conn;
+	struct ssl_sock_ctx *ctx;
+
+	conn = SSL_get_ex_data(s, ssl_app_data_index);
+	ctx = __conn_get_ssl_sock_ctx(conn);
+
+
 #ifdef USE_QUIC
 	struct quic_conn *qc = SSL_get_ex_data(s, ssl_qc_app_data_index);
 #endif
@@ -2198,6 +2205,7 @@ static int ssl_sock_advertise_alpn_protos(SSL *s, const unsigned char **out,
 	}
 #endif
 
+	ctx->flags |= SSL_SOCK_F_HAS_ALPN;
 	return SSL_TLSEXT_ERR_OK;
 }
 #endif