diff --git a/command/agent/agent.go b/command/agent/agent.go
index 622adea87..24f206bf3 100644
--- a/command/agent/agent.go
+++ b/command/agent/agent.go
@@ -1010,6 +1010,12 @@ func (a *Agent) Reload(newConfig *Config) error {
 			return err
 		}
 	}
+	// Allow auditor to call reopen regardless of config changes
+	// This is primarily for enterprise audit logging to allow the underlying
+	// file to be reopened if necessary
+	if err := a.auditor.Reopen(); err != nil {
+		return err
+	}
 
 	fullUpdateTLSConfig := func() {
 		// Completely reload the agent's TLS configuration (moving from non-TLS to
diff --git a/command/agent/agent_test.go b/command/agent/agent_test.go
index 0cbd42846..c5d5e232f 100644
--- a/command/agent/agent_test.go
+++ b/command/agent/agent_test.go
@@ -657,7 +657,8 @@ func TestServer_Reload_TLS_Certificate(t *testing.T) {
 	}
 
 	agent := &Agent{
-		config: agentConfig,
+		auditor: &noOpAuditor{},
+		config:  agentConfig,
 	}
 
 	newConfig := &Config{
@@ -785,8 +786,9 @@ func TestServer_Reload_TLS_UpgradeToTLS(t *testing.T) {
 	}
 
 	agent := &Agent{
-		logger: logger,
-		config: agentConfig,
+		auditor: &noOpAuditor{},
+		logger:  logger,
+		config:  agentConfig,
 	}
 
 	newConfig := &Config{