diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index 154d6a0a1fd9ea..1982261b80e86b 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -1523,10 +1523,12 @@ function onConnectSecure() {
     debug('client emit secureConnect. rejectUnauthorized: %s, ' +
           'authorizationError: %s', options.rejectUnauthorized,
           this.authorizationError);
+    this.secureConnecting = false;
     this.emit('secureConnect');
   } else {
     this.authorized = true;
     debug('client emit secureConnect. authorized:', this.authorized);
+    this.secureConnecting = false;
     this.emit('secureConnect');
   }
 
diff --git a/test/parallel/test-http2-connect.js b/test/parallel/test-http2-connect.js
index 6f62f55a93b7f2..9ee2e4347f600b 100644
--- a/test/parallel/test-http2-connect.js
+++ b/test/parallel/test-http2-connect.js
@@ -9,9 +9,11 @@ const {
 } = require('../common');
 if (!hasCrypto)
   skip('missing crypto');
+const fixtures = require('../common/fixtures');
 const assert = require('assert');
-const { createServer, connect } = require('http2');
+const { createServer, createSecureServer, connect } = require('http2');
 const { connect: netConnect } = require('net');
+const { connect: tlsConnect } = require('tls');
 
 // Check for session connect callback and event
 {
@@ -70,6 +72,36 @@ const { connect: netConnect } = require('net');
   connect(authority).on('error', () => {});
 }
 
+// Check for session connect callback on already connected TLS socket
+{
+  const serverOptions = {
+    key: fixtures.readKey('agent1-key.pem'),
+    cert: fixtures.readKey('agent1-cert.pem')
+  };
+  const server = createSecureServer(serverOptions);
+  server.listen(0, mustCall(() => {
+    const { port } = server.address();
+
+    const onSocketConnect = () => {
+      const authority = `https://localhost:${port}`;
+      const createConnection = mustCall(() => socket);
+      const options = { createConnection };
+      connect(authority, options, mustCall(onSessionConnect));
+    };
+
+    const onSessionConnect = (session) => {
+      session.close();
+      server.close();
+    };
+
+    const clientOptions = {
+      port,
+      rejectUnauthorized: false
+    };
+    const socket = tlsConnect(clientOptions, mustCall(onSocketConnect));
+  }));
+}
+
 // Check for error for init settings error
 {
   createServer(function() {