diff --git a/include/haproxy/quic_tls-t.h b/include/haproxy/quic_tls-t.h
index 875a2634a..7ea67c43f 100644
--- a/include/haproxy/quic_tls-t.h
+++ b/include/haproxy/quic_tls-t.h
@@ -153,6 +153,7 @@ struct quic_tls_secrets {
 	size_t ivlen;
 	unsigned char *key;
 	size_t keylen;
+	/* Used only on the RX part to store the largest received packet number */
 	int64_t pn;
 };
 
diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h
index 48660f2b7..72aeb1ab3 100644
--- a/include/haproxy/quic_tls.h
+++ b/include/haproxy/quic_tls.h
@@ -364,11 +364,16 @@ static inline void quic_tls_ctx_reset(struct quic_tls_ctx *ctx)
 	ctx->rx.hp_ctx = NULL;
 	ctx->rx.iv = NULL;
 	ctx->rx.key = NULL;
+	ctx->rx.pn = 0;
 
 	ctx->tx.ctx = NULL;
 	ctx->tx.hp_ctx = NULL;
 	ctx->tx.iv = NULL;
 	ctx->tx.key = NULL;
+	/* Not used on the TX path. */
+	ctx->tx.pn = 0;
+
+	ctx->flags = 0;
 }
 
 /* Erase and free the secrets for a QUIC encryption level with <ctx> as