diff --git a/lib/http/client.py b/lib/http/client.py
index 108e954cffd978ab5ad4d528211767cefc0f525e..35f578182f3881b4046d81b566e502df2ece5d6b 100644
--- a/lib/http/client.py
+++ b/lib/http/client.py
@@ -264,6 +264,14 @@ class HttpClientRequestExecutor(http.HttpBase):
     # keep-alive settings, see "man 7 tcp" for TCP_KEEPCNT, TCP_KEEPIDLE and
     # TCP_KEEPINTVL.
 
+    # Do the secret SSL handshake
+    if self.using_ssl:
+      self.sock.set_connect_state()
+      try:
+        http.Handshake(self.poller, self.sock, self.WRITE_TIMEOUT)
+      except http.HttpSessionHandshakeUnexpectedEOF:
+        raise http.HttpError("Server closed connection during SSL handshake")
+
   def _SendRequest(self):
     """Sends request to server.
 
diff --git a/lib/http/server.py b/lib/http/server.py
index 9fa7e43741d4123cf25445881af3553ff3b5d381..b9e77cee79b4f57c2cc64c008e4e19567b656b64 100644
--- a/lib/http/server.py
+++ b/lib/http/server.py
@@ -252,6 +252,15 @@ class _HttpServerRequestExecutor(object):
       request_msg_reader = None
       force_close = True
       try:
+        # Do the secret SSL handshake
+        if self.server.using_ssl:
+          self.sock.set_accept_state()
+          try:
+            http.Handshake(self.poller, self.sock, self.WRITE_TIMEOUT)
+          except http.HttpSessionHandshakeUnexpectedEOF:
+            # Ignore rest
+            return
+
         try:
           try:
             request_msg_reader = self._ReadRequest()