diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index c2e21e6d5443f0..13d7a6da6a06a7 100644
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -1707,7 +1707,7 @@ int tls_post_encryption_processing_default(OSSL_RECORD_LAYER *rl,
         rl->msg_callback(1, thiswr->rec_version, SSL3_RT_HEADER, recordstart,
                          headerlen, rl->cbarg);
 
-        if (rl->version == TLS1_3_VERSION && rl->enc_ctx != NULL) {
+        if ((rl->version == TLS1_3_VERSION || rl->version == DTLS1_3_VERSION) && rl->enc_ctx != NULL) {
             unsigned char ctype = thistempl->type;
 
             rl->msg_callback(1, thiswr->rec_version, SSL3_RT_INNER_CONTENT_TYPE,
diff --git a/ssl/record/methods/tlsany_meth.c b/ssl/record/methods/tlsany_meth.c
index 4ca818f1918b72..df4896815a6f95 100644
--- a/ssl/record/methods/tlsany_meth.c
+++ b/ssl/record/methods/tlsany_meth.c
@@ -86,7 +86,7 @@ static int tls_validate_record_header(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)
                     return 0;
                 }
             }
-        } else if (rl->version == TLS1_3_VERSION) {
+        } else if (rl->version == TLS1_3_VERSION || rl->version == DTLS1_3_VERSION) {
             /*
              * In this case we know we are going to negotiate TLSv1.3, but we've
              * had an HRR, so we haven't actually done so yet. In TLSv1.3 we