525 Errors Again

Hello:

i am facing 525 errors i asked the host as i was facing same issue 2 months ago but later got fixed after GoDaddy added a SSL on Backend now its again occuring, they are saying there is a SSL assigned properly.

Previous open topic: Godaddy and Cloudflare

Can you run this command in terminal (if on Linux/macOS)?

curl -Iv --resolve example.com:443:192.2.0.1 https://example.com

Substitute example.com with your domain/FQDN and 192.2.0.1 with the Origin IP. Obscure what you don’t want public.

How i provide the output of terminal??

Copy and paste? Ideally with a code block.

As I said above.

  • Added example.com:443:192.168.0.1 to DNS cache
  • Rebuilt URL to: https://example.com/
  • Hostname example.com was found in DNS cache
  • Trying 192.168.0.1…
  • TCP_NODELAY set
  • Connected to example.com (192.168.0.1) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/certs/ca-certificates.crt
    CApath: /etc/ssl/certs
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to example.com:443
  • stopped the pause stream!
  • Closing connection 0
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to example.com:443

i have removed the domain and ip with example.com and 192.168.0.1

http://sitemeer.com/#https://softprober.com

If that is really the result from your server’s IP + domain name then the certificate on the origin is not there…

First output gave that, when i ran the curl again this is the output:

* Added example.com:443:192.168.0.1 to DNS cache
* Rebuilt URL to: https://example.com/
* Hostname example.com was found in DNS cache
*   Trying 192.168.0.1...
* TCP_NODELAY set
* Connected to example.com (192.168.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: OU=Domain Control Validated; CN=example.com
*  start date: Sep 23 10:20:17 2020 GMT
*  expire date: Oct 25 10:20:17 2021 GMT
*  subjectAltName: host "example.com" matched cert's "example.com"
*  issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certs.godaddy.com/repository/; CN=Go Daddy Secure Certificate Authority - G2
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5653b544a580)
> HEAD / HTTP/2
> Host: example.com
> User-Agent: curl/7.58.0
> Accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 200 
HTTP/2 200 
< server: openresty
server: openresty
< date: Wed, 23 Sep 2020 23:00:05 GMT
date: Wed, 23 Sep 2020 23:00:05 GMT
< content-type: text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
< x-ua-compatible: IE=edge
x-ua-compatible: IE=edge
< content-security-policy: upgrade-insecure-requests
content-security-policy: upgrade-insecure-requests
< cache-control: max-age=172800
cache-control: max-age=172800
< expires: Fri, 25 Sep 2020 20:56:51 GMT
expires: Fri, 25 Sep 2020 20:56:51 GMT
< x-xss-protection: 1; mode=block
x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
x-content-type-options: nosniff
< strict-transport-security: max-age=300
strict-transport-security: max-age=300
< x-cacheable: YES
x-cacheable: YES
< age: 7394
age: 7394
< vary: Accept-Encoding, User-Agent
vary: Accept-Encoding, User-Agent
< x-cache: cached
x-cache: cached
< x-cache-hit: HIT
x-cache-hit: HIT
< x-backend: all_requests
x-backend: all_requests
< accept-ranges: none
accept-ranges: none
< strict-transport-security: max-age=31536000; includeSubDomains
strict-transport-security: max-age=31536000; includeSubDomains

< 
* Connection #0 to host example.com left intact

Oh, ok. It works then.

It seems to work for me, for the vast majority of the time.

If the two commands were the same and gave different results then the issue is with GoDaddy, otherwise maybe contact support here.

i am also connected with GoDaddy right now to fix this, i have shared the topic too.

Pausing the site, till it get fixed.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.