diff --git a/common.go b/common.go
index 9fc742008205dc..3e24c82cbea565 100644
--- a/common.go
+++ b/common.go
@@ -450,7 +450,7 @@ func (c *Config) clone() *Config {
 }
 func (c *Config) serverInit() {
- if c.SessionTicketsDisabled {
+ if c.SessionTicketsDisabled || len(c.ticketKeys()) != 0 {
 return
 }
diff --git a/handshake_client_test.go b/handshake_client_test.go
index 62751b8b7cc40a..f7e0dce2c44d4d 100644
--- a/handshake_client_test.go
+++ b/handshake_client_test.go
@@ -648,13 +648,14 @@ func TestClientResumption(t *testing.T) {
 t.Fatal("first ticket doesn't match ticket after resumption")
 }
- key2 := randomKey()
- serverConfig.SetSessionTicketKeys([][32]byte{key2})
+ key1 := randomKey()
+ serverConfig.SetSessionTicketKeys([][32]byte{key1})
 testResumeState("InvalidSessionTicketKey", false)
 testResumeState("ResumeAfterInvalidSessionTicketKey", true)
- serverConfig.SetSessionTicketKeys([][32]byte{randomKey(), key2})
+ key2 := randomKey()
+ serverConfig.SetSessionTicketKeys([][32]byte{key2, key1})
 ticket = getTicket()
 testResumeState("KeyChange", true)
 if bytes.Equal(ticket, getTicket()) {
@@ -662,6 +663,16 @@ func TestClientResumption(t *testing.T) {
 }
 testResumeState("KeyChangeFinish", true)
+ // Reset serverConfig to ensure that calling SetSessionTicketKeys
+ // before the serverConfig is used works.
+ serverConfig = &Config{
+ CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA},
+ Certificates: testConfig.Certificates,
+ }
+ serverConfig.SetSessionTicketKeys([][32]byte{key2})
+
+ testResumeState("FreshConfig", true)
+
 clientConfig.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_RC4_128_SHA}
 testResumeState("DifferentCipherSuite", false)
 testResumeState("DifferentCipherSuiteRecovers", true)
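Review bot: The added `len(c.ticketKeys()) != 0` test in `serverInit` is a check-then-act on the ticket key list, and the code that acts on the result lies below this hunk (the function body continues outside it). If the later step that installs a default key is not serialized with whatever synchronization `ticketKeys()` uses, a `SetSessionTicketKeys` call landing between the check and that write could be silently replaced, and a key rotation would not take effect. Please confirm both steps run under the same protection, and document the new condition, e.g. `// Ticket keys were already installed by SetSessionTicketKeys; keep them.`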
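Review bot: The order of the keys passed to `SetSessionTicketKeys` in the `KeyChange` step now carries the meaning of the test, but nothing in the hunk says so. With `{key2, key1}` the test expects resumption to succeed and the ticket to change, which presumably relies on the first key sealing new tickets while the remaining keys only decrypt older ones. A comment above the call would keep a later edit from reordering the slice, e.g. `// key2 first: new tickets use it; key1 stays so tickets issued earlier still resume.` `TestClientResumption` starts and ends outside this hunk.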
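Review bot: The `FreshConfig` step asserts only the positive case, that an existing ticket resumes on a new `Config` whose keys were set before first use. A companion step placed after it, which gives another fresh `Config` an unrelated key (`serverConfig.SetSessionTicketKeys([][32]byte{randomKey()})`) and expects `testResumeState(..., false)`, would show that the ticket is accepted because of `key2` and not because of state carried over from earlier steps. The `Config` literal also repeats server setup that is presumably built earlier in `TestClientResumption` (outside this hunk), so a small helper would keep the two from drifting apart.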