diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index c4e8113241..4552db5b43 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -251,6 +251,15 @@ be_tls_init(bool isServerStart)
 	/* disallow SSL compression */
 	SSL_CTX_set_options(context, SSL_OP_NO_COMPRESSION);
 
+#ifdef SSL_OP_NO_RENEGOTIATION
+	/*
+	 * Disallow SSL renegotiation, option available since 1.1.0h.  This
+	 * concerns only TLSv1.2 and older protocol versions, as TLSv1.3 has
+	 * no support for renegotiation.
+	 */
+	SSL_CTX_set_options(context, SSL_OP_NO_RENEGOTIATION);
+#endif
+
 	/* set up ephemeral DH and ECDH keys */
 	if (!initialize_dh(context, isServerStart))
 		goto error;
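Review bot: The `#ifdef SSL_OP_NO_RENEGOTIATION` block in be_tls_init() leaves a silent gap for some builds. Going by the comment here (option available since 1.1.0h) and the `OPENSSL_VERSION_NUMBER < 0x10100000L` guard in the be_tls_open_server() hunk, OpenSSL 1.1.0 through 1.1.0g matches neither branch and keeps renegotiation enabled with nothing in the build or logs to say so. I would state this in the comment, e.g. `* Builds against 1.1.0 to 1.1.0g have neither this option nor the 1.0.2 fallback, so renegotiation stays enabled there.`, so operators can tell which builds are unprotected. be_tls_init() starts and ends outside the hunk.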
@@ -430,6 +439,15 @@ be_tls_open_server(Port *port)
 	}
 	port->ssl_in_use = true;
 
+#if defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
+	/*
+	 * Disallow SSL renegotiation.  SSL_OP_NO_RENEGOTIATION is not available
+	 * in OpenSSL 1.0.2 and older versions, but this undocumented option
+	 * allows to achieve the same goal.
+	 */
+	port->ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
+#endif
+
 aloop:
 
 	/*
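Review bot: The added `port->ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;` writes through `s3` into a library-internal structure without checking the pointer, and it runs before the handshake loop at `aloop:`. It therefore relies on the library having allocated `s3` by this point and on `flags` not being reset during the handshake; neither is visible here, and the comment itself calls the option undocumented. I would guard the write with `if (port->ssl->s3 != NULL)` and extend the comment to name both assumptions, or move the assignment to after the handshake completes if the flag turns out not to survive it. be_tls_open_server() starts and ends outside the hunk.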
