diff --git a/components/mbedtls/mbedtls/library/ssl_client.c b/components/mbedtls/mbedtls/library/ssl_client.c
index 05bbd3a2..511462c8 100644
--- a/components/mbedtls/mbedtls/library/ssl_client.c
+++ b/components/mbedtls/mbedtls/library/ssl_client.c
@@ -820,10 +820,15 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl)
         (ssl->handshake->cookie == NULL))
 #endif
     {
-        ret = ssl_generate_random(ssl);
-        if (ret != 0) {
-            MBEDTLS_SSL_DEBUG_RET(1, "Random bytes generation failed", ret);
-            return ret;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        if (ssl->handshake->hello_retry_request_count == 0)
+#endif
+        {
+            ret = ssl_generate_random(ssl);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(1, "Random bytes generation failed", ret);
+                return ret;
+            }
         }
     }