diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index 57039e77a99e2cb9ce5fa5838ef272a6a39b6248..1981cb5696714f80cea3495f200e6246614a5997 100644
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -645,6 +645,8 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl)
 {
     int retc = -1, rets = -1, err, abortctr = 0;
     int clienterr = 0, servererr = 0;
+    unsigned char buf;
+    size_t readbytes;
 
     do {
         err = SSL_ERROR_WANT_WRITE;
@@ -678,5 +680,20 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl)
         }
     } while (retc <=0 || rets <= 0);
 
+    /*
+     * We attempt to read some data on the client side which we expect to fail.
+     * This will ensure we have received the NewSessionTicket in TLSv1.3 where
+     * appropriate.
+     */
+    if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {
+        if (readbytes != 0) {
+            printf("Unexpected success reading data %"OSSLzu"\n", readbytes);
+            return 0;
+        }
+    } else if (SSL_get_error(clientssl, 0) != SSL_ERROR_WANT_READ) {
+        printf("SSL_read_ex() failed\n");
+        return 0;
+    }
+
     return 1;
 }