diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index a01f8a7fd..c42e79cc4 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2867,7 +2867,7 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_
  *                 (Default: 2^48 - 1)
  *
  *                 Renegotiation is automatically triggered when a record
- *                 counter (outgoing or ingoing) crosses the defined
+ *                 counter (outgoing or incoming) crosses the defined
  *                 threshold. The default value is meant to prevent the
  *                 connection from being closed when the counter is about to
  *                 reached its maximal value (it is not allowed to wrap).
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a64a86415..391ed9af2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -732,7 +732,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
 
         MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid,
                                transform->out_cid_len );
-        MBEDTLS_SSL_DEBUG_BUF( 3, "Ingoing CID", transform->in_cid,
+        MBEDTLS_SSL_DEBUG_BUF( 3, "Incoming CID", transform->in_cid,
                                transform->in_cid_len );
     }
 #endif /* MBEDTLS_SSL_CID */