diff --git a/deps/mbedtls/mbedtls/compat-1.3.h b/deps/mbedtls/mbedtls/compat-1.3.h
index 5d7b4e42ae..1faa3ed99b 100644
--- a/deps/mbedtls/mbedtls/compat-1.3.h
+++ b/deps/mbedtls/mbedtls/compat-1.3.h
@@ -117,9 +117,6 @@
 #if defined MBEDTLS_CTR_DRBG_C
 #define POLARSSL_CTR_DRBG_C MBEDTLS_CTR_DRBG_C
 #endif
-#if defined MBEDTLS_DEBUG_C
-#define POLARSSL_DEBUG_C MBEDTLS_DEBUG_C
-#endif
 #if defined MBEDTLS_DEPRECATED_REMOVED
 #define POLARSSL_DEPRECATED_REMOVED MBEDTLS_DEPRECATED_REMOVED
 #endif
diff --git a/deps/mbedtls/mbedtls/config.h b/deps/mbedtls/mbedtls/config.h
index 1f7da00d88..4077e37aca 100644
--- a/deps/mbedtls/mbedtls/config.h
+++ b/deps/mbedtls/mbedtls/config.h
@@ -1752,20 +1752,6 @@
  */
 #define MBEDTLS_CTR_DRBG_C
 
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module:  library/debug.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#define MBEDTLS_DEBUG_C
-
 /**
  * \def MBEDTLS_DES_C
  *
diff --git a/deps/mbedtls/mbedtls/debug.h b/deps/mbedtls/mbedtls/debug.h
index 2957996407..34ba236416 100644
--- a/deps/mbedtls/mbedtls/debug.h
+++ b/deps/mbedtls/mbedtls/debug.h
@@ -35,37 +35,6 @@
 #include "ecp.h"
 #endif
 
-#if defined(MBEDTLS_DEBUG_C)
-
-#define MBEDTLS_DEBUG_STRIP_PARENS( ... )   __VA_ARGS__
-
-#define MBEDTLS_SSL_DEBUG_MSG( level, args )                    \
-    mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__,    \
-                             MBEDTLS_DEBUG_STRIP_PARENS args )
-
-#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )                \
-    mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret )
-
-#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )           \
-    mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len )
-
-#if defined(MBEDTLS_BIGNUM_C)
-#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )                  \
-    mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X )
-#endif
-
-#if defined(MBEDTLS_ECP_C)
-#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )                  \
-    mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X )
-#endif
-
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
-#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )                \
-    mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
-#endif
-
-#else /* MBEDTLS_DEBUG_C */
-
 #define MBEDTLS_SSL_DEBUG_MSG( level, args )            do { } while( 0 )
 #define MBEDTLS_SSL_DEBUG_RET( level, text, ret )       do { } while( 0 )
 #define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )  do { } while( 0 )
@@ -73,8 +42,6 @@
 #define MBEDTLS_SSL_DEBUG_ECP( level, text, X )         do { } while( 0 )
 #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )       do { } while( 0 )
 
-#endif /* MBEDTLS_DEBUG_C */
-
 #ifdef __cplusplus
 extern "C" {
 #endif
diff --git a/deps/mbedtls/ssl_cli.c b/deps/mbedtls/ssl_cli.c
index fcd37bd9bc..93b71fc643 100644
--- a/deps/mbedtls/ssl_cli.c
+++ b/deps/mbedtls/ssl_cli.c
@@ -1382,9 +1382,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
 #endif
     int handshake_failure = 0;
     const mbedtls_ssl_ciphersuite_t *suite_info;
-#if defined(MBEDTLS_DEBUG_C)
-    uint32_t t;
-#endif
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) );
 
@@ -1487,14 +1484,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
         return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
     }
 
-#if defined(MBEDTLS_DEBUG_C)
-    t = ( (uint32_t) buf[2] << 24 )
-      | ( (uint32_t) buf[3] << 16 )
-      | ( (uint32_t) buf[4] <<  8 )
-      | ( (uint32_t) buf[5]       );
-    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
-#endif
-
     memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
 
     n = buf[34];
@@ -2659,16 +2648,6 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
     {
         size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] <<  8 )
                              | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n]       ) );
-#if defined(MBEDTLS_DEBUG_C)
-        unsigned char* sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n;
-        size_t i;
-
-        for( i = 0; i < sig_alg_len; i += 2 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Signature Algorithm found: %d"
-                                        ",%d", sig_alg[i], sig_alg[i + 1]  ) );
-        }
-#endif
 
         n += 2 + sig_alg_len;
 
diff --git a/deps/mbedtls/ssl_srv.c b/deps/mbedtls/ssl_srv.c
index 15cafd43e2..81276fe6c8 100644
--- a/deps/mbedtls/ssl_srv.c
+++ b/deps/mbedtls/ssl_srv.c
@@ -1932,28 +1932,6 @@ have_ciphersuite:
         mbedtls_ssl_recv_flight_completed( ssl );
 #endif
 
-    /* Debugging-only output for testsuite */
-#if defined(MBEDTLS_DEBUG_C)                         && \
-    defined(MBEDTLS_SSL_PROTO_TLS1_2)                && \
-    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
-    {
-        mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info );
-        if( sig_alg != MBEDTLS_PK_NONE )
-        {
-            mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
-                                                                  sig_alg );
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d",
-                                        mbedtls_ssl_hash_from_md_alg( md_alg ) ) );
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm "
-                                        "%d - should not happen", sig_alg ) );
-        }
-    }
-#endif
-
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) );
 
     return( 0 );
diff --git a/deps/mbedtls/ssl_tls.c b/deps/mbedtls/ssl_tls.c
index 71c67072e1..841cab60ee 100644
--- a/deps/mbedtls/ssl_tls.c
+++ b/deps/mbedtls/ssl_tls.c
@@ -4659,18 +4659,6 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
             mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                             alert );
         }
-
-#if defined(MBEDTLS_DEBUG_C)
-        if( ssl->session_negotiate->verify_result != 0 )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x",
-                                        ssl->session_negotiate->verify_result ) );
-        }
-        else
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) );
-        }
-#endif /* MBEDTLS_DEBUG_C */
     }
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
diff --git a/libretro-common/net/net_socket_ssl.c b/libretro-common/net/net_socket_ssl.c
index 02561d1e8f..910e4589ea 100644
--- a/libretro-common/net/net_socket_ssl.c
+++ b/libretro-common/net/net_socket_ssl.c
@@ -81,7 +81,9 @@ void* ssl_socket_init(int fd, const char *domain)
 
    state->domain = domain;
 
+#if defined(MBEDTLS_DEBUG_C)
    mbedtls_debug_set_threshold(DEBUG_LEVEL);
+#endif
 
    mbedtls_net_init(&state->net_ctx);
    mbedtls_ssl_init(&state->ctx);