diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
index 4882fd0d8c5..e54b1a466d7 100644
--- a/src/net/http/h2_bundle.go
+++ b/src/net/http/h2_bundle.go
@@ -3995,7 +3995,7 @@ func http2ConfigureServer(s *Server, conf *http2Server) error {
 	if s.TLSNextProto == nil {
 		s.TLSNextProto = map[string]func(*Server, *tls.Conn, Handler){}
 	}
-	protoHandler := func(hs *Server, c *tls.Conn, h Handler) {
+	s.h2ProtoHandler = func(hs *Server, c tlsConn, h Handler) {
 		if http2testHookOnConn != nil {
 			http2testHookOnConn()
 		}
@@ -4017,7 +4017,9 @@ func http2ConfigureServer(s *Server, conf *http2Server) error {
 			BaseConfig: hs,
 		})
 	}
-	s.TLSNextProto[http2NextProtoTLS] = protoHandler
+	s.TLSNextProto[http2NextProtoTLS] = func(s *Server, c *tls.Conn, h Handler) {
+		s.h2ProtoHandler(s, c, h)
+	}
 	return nil
 }
 
diff --git a/src/net/http/server.go b/src/net/http/server.go
index d96283ccc4d..d040bf44747 100644
--- a/src/net/http/server.go
+++ b/src/net/http/server.go
@@ -1826,6 +1826,14 @@ func isCommonNetReadError(err error) bool {
 	return false
 }
 
+type tlsConn interface {
+	net.Conn
+	ConnectionState() tls.ConnectionState
+	HandshakeContext(ctx context.Context) error
+}
+
+var _ tlsConn = &tls.Conn{}
+
 // Serve a new connection.
 func (c *conn) serve(ctx context.Context) {
 	c.remoteAddr = c.rwc.RemoteAddr().String()
@@ -1851,7 +1859,7 @@ func (c *conn) serve(ctx context.Context) {
 		}
 	}()
 
-	if tlsConn, ok := c.rwc.(*tls.Conn); ok {
+	if tlsConn, ok := c.rwc.(tlsConn); ok {
 		tlsTO := c.server.tlsHandshakeTimeout()
 		if tlsTO > 0 {
 			dl := time.Now().Add(tlsTO)
@@ -1884,7 +1892,11 @@ func (c *conn) serve(ctx context.Context) {
 				// from being run on these connections. This prevents closeIdleConns from
 				// closing such connections. See issue https://golang.org/issue/39776.
 				c.setState(c.rwc, StateActive, skipHooks)
-				fn(c.server, tlsConn, h)
+				if realTLSConn, ok := c.rwc.(*tls.Conn); ok {
+					fn(c.server, realTLSConn, h)
+				} else if proto == http2NextProtoTLS {
+					c.server.h2ProtoHandler(c.server, tlsConn, h)
+				}
 			}
 			return
 		}
@@ -2691,6 +2703,8 @@ type Server struct {
 	onShutdown []func()
 
 	listenerGroup sync.WaitGroup
+
+	h2ProtoHandler func(hs *Server, c tlsConn, h Handler)
 }
 
 // Close immediately closes all active net.Listeners and any
@@ -3502,7 +3516,7 @@ func (globalOptionsHandler) ServeHTTP(w ResponseWriter, r *Request) {
 // Requests come from ALPN protocol handlers.
 type initALPNRequest struct {
 	ctx context.Context
-	c   *tls.Conn
+	c   tlsConn
 	h   serverHandler
 }