I have NGINX Proxy Manager set up on my home network and my firewall set to forward traffic from ports 80 and 443. I can hit the NGINX “Congratulations” screen if I navigate directly to my home IP address from a different network. I have an A record for ddns.theprojecthoarder.com set up to get dynamic IP updates from my firewall, and I’ve tested to ensure it is being properly updated. However, if I navigate to ddns.theprojecthoarder.com, I receive a 520 error. Always use https is not turned on, and I have tried setting the A record to not proxy and pausing Cloudflare and continue to receive that error.
Seems like your Website is not secured and not working properly over port 443 even now when being unproxied.
SEC_ERROR_UNKNOWN_ISSUER -> localhost
Kindly, secured your origin host/server, generate an SSL certificate (Certbot, Let’s Encrypt) or use Cloudflare Origin CA certificate as described below and re-check your SSL/TLS settings on both Cloudflare dashboard and your nginx config file.
Regarding Cloudflare 520 error, may I suggest you to try looking into below articles to troubleshoot the issue:
May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?
Here is a way to re-check if you correctly setup the SSL for your domain with Cloudflare:
In case you do not have an SSL certificate, you can use Cloudflare SSL, if so, kindly make sure you follow the instructions as follows on the below article to setup an SSL certificate using Cloudflare Origin CA Certificate: