diff --git a/library/ssl_client.c b/library/ssl_client.c
index 2ad69f9038..d407520cf7 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -963,17 +963,18 @@ int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl)
 buf_len, msg_len));
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
- if (mbedtls_ssl_conf_is_tls12_only(ssl->conf)) {
- mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);
- } else
-#endif
- {
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- mbedtls_ssl_tls13_finalize_write_client_hello(ssl);
-#endif
- }
+ /*
+ * Set next state. Note that if TLS 1.3 is proposed, this may be
+ * overwritten by mbedtls_ssl_tls13_finalize_write_client_hello().
+ */
+ mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ if (ssl->handshake->min_tls_version <= MBEDTLS_SSL_VERSION_TLS1_3 &&
+ MBEDTLS_SSL_VERSION_TLS1_3 <= ssl->tls_version) {
+ ret = mbedtls_ssl_tls13_finalize_write_client_hello(ssl);
+ }
+#endif
 }
 cleanup:
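Review bot: When `mbedtls_ssl_tls13_finalize_write_client_hello()` fails, the handshake state has already been advanced to `MBEDTLS_SSL_SERVER_HELLO` by the unconditional call just above it, so the function returns an error while the state machine already points at the next message. The ordering itself looks necessary, since the new comment says the finalize call may overwrite the state, but the comment should also cover the failure case, e.g. `* On failure ret is returned with the state already advanced; the caller must abort the handshake rather than retry this step.` Whether every caller treats a non-zero return as fatal is not visible here, because the body of mbedtls_ssl_write_client_hello starts and ends outside the hunk.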