diff --git a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
index 199bab2121..60e7a3786c 100644
--- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
@@ -1506,13 +1506,15 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
                 try {
                     engine.closeInbound();
                 } catch (SSLException e) {
-                    // only log in debug mode as it most likely harmless and latest chrome still trigger
-                    // this all the time.
-                    //
-                    // See https://github.com/netty/netty/issues/1340
-                    String msg = e.getMessage();
-                    if (msg == null || !msg.contains("possible truncation attack")) {
-                        logger.debug("{} SSLEngine.closeInbound() raised an exception.", ctx.channel(), e);
+                    if (logger.isDebugEnabled()) {
+                        // only log in debug mode as it most likely harmless and latest chrome still trigger
+                        // this all the time.
+                        //
+                        // See https://github.com/netty/netty/issues/1340
+                        String msg = e.getMessage();
+                        if (msg == null || !msg.contains("possible truncation attack")) {
+                            logger.debug("{} SSLEngine.closeInbound() raised an exception.", ctx.channel(), e);
+                        }
                     }
                 }
             }