I don’t deny that our server admin should be able to install a certificate on the server, and I don’t deny that a certificate on our server alongside the Cloudflare certificate is like a second lock on the door. But I cannot agree that if for some reason we are not yet installing such a second lock, then there is no point in putting even the first one.
Again, on the server where our main website is hosted, there is no certificate, Cloudflare’s Full mode is enabled, and the HTTPS connection from Cloudflare works fine. But it’s Apache on the server. The problem I described concerns another server where Node.js + Next.js is deployed. That’s why I’m wondering if the described problem is somehow related to what server software is installed on the server machine. Because again, when accessing the direct IP address or an unsecured connection, i.e., without Cloudflare, we get a 200 status from Node.js + Next.js, and only when trying to access via HTTPS from Cloudflare we get a 521 status.