525 Errors incidentally showing up

On my website, we have been getting occasional 525 errors since yesterday while not having changed any configuration in either Cloudflare or on the server for a few months now. Running openssl s_client also shows no problems with the SSL handshake if connecting to the IP of the server, however Cloudflare gives the 525 error page once every 4, maybe 5 pageviews. I have the Ray ID of a few failed requests if that would be helpful.
It is a certbot certificate.
I have tried restarting the server to no avail. mtr also shows no dropped packets.

https://support.cloudflare.com/hc/en-us/articles/200278659-Error-525-SSL-handshake-failed

Thanks for the quick reply. Yes, I have seen the page, but it does not explain why the site works fine 80% of the time, with the other 20% resulting in 525 errors. Diagnosing with s_client shows no errors in the handshake, but Cloudflare does, for some of the requests.

Are there different certificates (on your origin) or hosts with invalid certs (or none) involved?

Thanks for the quick reply. There is one certificate for one domain + some subdomains. The error seems to appear on all subdomains as well as on the main domain.

The problems disappear completely when I only use Cloudflare as DNS (i.e. no orange clouds in the DNS settings). This leads me to believe this is a problem with Cloudflare.

We have a similar problem, many requests were with errors 525, 522 and 520 in the last 15-20 hours.
Expired certificates do not have.
We also use CDN (orange cloud).
The problem is observed with requests from Amsterdam (Europe).

Yes, the problem lies with Amsterdam for me too. Any fixes, besides turning off CDN?

I have same problem. Error 524

In my case I have solved it by turning off Railgun

This topic was automatically closed after 30 days. New replies are no longer allowed.