We have a little over 300 websites (mix of free and pro) on Cloudflare pointing to sites hosted on Azure (app service). They have been working fine up until about 2am this morning, all of them have been showing a 525 SSL Handshake error off and on all day. Nothing has changed on Azure or Cloudflare that we have done different to cause this. I have done all the research and troubleshooting we can and just cannot figure out what the problem is. If we bypass cloudflare and access the sites directly - they work fine. I have checked the header size, response, etc… all good. We have all the sites configured for FULL SSL and forcing SSL. So far we have:
*Switched to Flexible SSL - this results in a 520 Cloudflare error page instead.
*Created a Cloudflare Origin SSL certificate, imported it into the Azure App Service, Binded to the production domain, forced SSL, and changed to FULL (strict) - still gives a 525 error still.
*Switched the TLS versions on Azure and Cloudflare - no change
*Created Azure App Service SSL certificates on Azure for the custom domains - no change.
I am running out if things to check and it seems to be an issue between Azure and Cloudflare, but I just can’t figure out what it is.