diff --git a/src/backend.c b/src/backend.c
index 0170547b2..45dab68df 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -2156,14 +2156,22 @@ int connect_server(struct stream *s)
 
 #ifdef USE_OPENSSL
 	/* Set socket SNI unless connection is reused. */
-	if (conn_is_ssl(srv_conn) && srv && srv->ssl_ctx.sni && !(s->flags & SF_SRV_REUSED)) {
-		struct sample *sni_smp = NULL;
+	if (conn_is_ssl(srv_conn) && !(s->flags & SF_SRV_REUSED)) {
+		int sni_set = 0;
 
-		sni_smp = sample_fetch_as_type(s->be, s->sess, s,
-		                               SMP_OPT_DIR_REQ | SMP_OPT_FINAL,
-		                               srv->ssl_ctx.sni, SMP_T_STR);
-		if (smp_make_safe(sni_smp))
-			ssl_sock_set_servername(srv_conn, sni_smp->data.u.str.area);
+		if (srv && srv->ssl_ctx.sni) {
+			struct sample *sni_smp = NULL;
+
+			sni_smp = sample_fetch_as_type(s->be, s->sess, s,
+						       SMP_OPT_DIR_REQ | SMP_OPT_FINAL,
+						       srv->ssl_ctx.sni, SMP_T_STR);
+			if (smp_make_safe(sni_smp)) {
+				ssl_sock_set_servername(srv_conn, sni_smp->data.u.str.area);
+				sni_set = 1;
+			}
+		}
+		if (!sni_set)
+			ssl_sock_set_servername(srv_conn, NULL);
 	}
 #endif /* USE_OPENSSL */
 
diff --git a/src/tcpcheck.c b/src/tcpcheck.c
index 815a84099..88a54d148 100644
--- a/src/tcpcheck.c
+++ b/src/tcpcheck.c
@@ -1509,6 +1509,8 @@ enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct tcpchec
 			ssl_sock_set_servername(conn, s->check.sni);
 		else if (auto_sni)
 			ssl_sock_set_servername(conn, b_orig(auto_sni));
+		else
+			ssl_sock_set_servername(conn, NULL);
 
 		if (connect->alpn)
 			ssl_sock_set_alpn(conn, (unsigned char *)connect->alpn, connect->alpn_len);