diff --git a/include/haproxy/server-t.h b/include/haproxy/server-t.h
index a665e4e43..2dc27ecc4 100644
--- a/include/haproxy/server-t.h
+++ b/include/haproxy/server-t.h
@@ -485,6 +485,7 @@ struct server {
 			unsigned char *ptr;
 			int size;
 			int allocated_size;
+			uint64_t sni_hash; /* Hash of the SNI used for the session */
 			char *sni; /* SNI used for the session */
 			__decl_thread(HA_RWLOCK_T sess_lock);
 		} * reused_sess;
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 1731b9635..a6d213f56 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4250,12 +4250,16 @@ static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
 			/* if the new sni is empty or isn' t the same as the old one */
 			if ((!sni) || strcmp(s->ssl_ctx.reused_sess[tid].sni, sni) != 0) {
 				ha_free(&s->ssl_ctx.reused_sess[tid].sni);
-				if (sni)
+				s->ssl_ctx.reused_sess[tid].sni_hash = 0;
+				if (sni) {
 					s->ssl_ctx.reused_sess[tid].sni = strdup(sni);
+					s->ssl_ctx.reused_sess[tid].sni_hash = ssl_sock_sni_hash(ist(sni));
+				}
 			}
 		} else if (sni) {
 			/* if there wasn't an old sni but there is a new one */
 			s->ssl_ctx.reused_sess[tid].sni = strdup(sni);
+			s->ssl_ctx.reused_sess[tid].sni_hash = ssl_sock_sni_hash(ist(sni));
 		}
 #ifdef USE_QUIC
 		/* The selected ALPN is not stored without SSL session. */