diff --git a/packages/grpc-js/src/channel-options.ts b/packages/grpc-js/src/channel-options.ts
index 1120ab84..f2bb8bcf 100644
--- a/packages/grpc-js/src/channel-options.ts
+++ b/packages/grpc-js/src/channel-options.ts
@@ -57,6 +57,10 @@ export interface ChannelOptions {
   'grpc-node.max_session_memory'?: number;
   'grpc.service_config_disable_resolution'?: number;
   'grpc.client_idle_timeout_ms'?: number;
+  /**
+   * Set the enableTrace option in TLS clients and servers
+   */
+  'grpc-node.tls_enable_trace'?: number;
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
   [key: string]: any;
 }
@@ -91,6 +95,7 @@ export const recognizedOptions = {
   'grpc-node.max_session_memory': true,
   'grpc.service_config_disable_resolution': true,
   'grpc.client_idle_timeout_ms': true,
+  'grpc-node.tls_enable_trace': true,
 };
 
 export function channelOptionsEqual(
diff --git a/packages/grpc-js/src/server.ts b/packages/grpc-js/src/server.ts
index f7d580b9..c5bab949 100644
--- a/packages/grpc-js/src/server.ts
+++ b/packages/grpc-js/src/server.ts
@@ -427,6 +427,8 @@ export class Server {
           serverOptions,
           creds._getSettings()!
         );
+        secureServerOptions.enableTrace =
+          this.options['grpc-node.tls_enable_trace'] === 1;
         http2Server = http2.createSecureServer(secureServerOptions);
         http2Server.on('secureConnection', (socket: TLSSocket) => {
           /* These errors need to be handled by the user of Http2SecureServer,
diff --git a/packages/grpc-js/src/transport.ts b/packages/grpc-js/src/transport.ts
index a213448b..5ff5257f 100644
--- a/packages/grpc-js/src/transport.ts
+++ b/packages/grpc-js/src/transport.ts
@@ -677,6 +677,7 @@ export class Http2SubchannelConnector implements SubchannelConnector {
       connectionOptions = {
         ...connectionOptions,
         ...address,
+        enableTrace: options['grpc-node.tls_enable_trace'] === 1,
       };
 
       /* http2.connect uses the options here:
@@ -760,6 +761,9 @@ export class Http2SubchannelConnector implements SubchannelConnector {
           connectionOptions.servername = hostPort?.host ?? targetPath;
         }
       }
+      if (options['grpc-node.tls_enable_trace']) {
+        connectionOptions.enableTrace = true;
+      }
     }
 
     return getProxiedConnection(address, options, connectionOptions).then(