525 Errors incidentally showing up


#1

On my website, we have been getting occasional 525 errors since yesterday while not having changed any configuration in either Cloudflare or on the server for a few months now. Running openssl s_client also shows no problems with the SSL handshake if connecting to the IP of the server, however Cloudflare gives the 525 error page once every 4, maybe 5 pageviews. I have the Ray ID of a few failed requests if that would be helpful.
It is a certbot certificate.
I have tried restarting the server to no avail. mtr also shows no dropped packets.


#2

#3

Thanks for the quick reply. Yes, I have seen the page, but it does not explain why the site works fine 80% of the time, with the other 20% resulting in 525 errors. Diagnosing with s_client shows no errors in the handshake, but Cloudflare does, for some of the requests.


#4

Are there different certificates (on your origin) or hosts with invalid certs (or none) involved?


#5

Thanks for the quick reply. There is one certificate for one domain + some subdomains. The error seems to appear on all subdomains as well as on the main domain.


#6

The problems disappear completely when I only use Cloudflare as DNS (i.e. no orange clouds in the DNS settings). This leads me to believe this is a problem with Cloudflare.


#7

We have a similar problem, many requests were with errors 525, 522 and 520 in the last 15-20 hours.
Expired certificates do not have.
We also use CDN (orange cloud).
The problem is observed with requests from Amsterdam (Europe).


#8

Yes, the problem lies with Amsterdam for me too. Any fixes, besides turning off CDN?


#10

I have same problem. Error 524


#11

In my case I have solved it by turning off Railgun


Cloudflare 525 Error - Only in Chrome - seems like clearing cookies is the only solution, other browsers work