Error 520 when changing DNS record to Proxied

Hi all,
I tried changing the proxy status from DNS only to Proxied for some of my DNS records but a 520 error is occurring. It worked fine with DNS only. The problem occurred when I changed it to Proxied. Cloudflare IPs are allowed at my origin.
The respond of a curl requests sent to domain:
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

Do you have any suggestion on how to make this work?
Thank you!

Welcome to the community!

May I ask if you were using SSL in your website before proxying to Cloudflare? If not, you may need to install an Origin Certificate in your webserver. Also, don’t forget to set the SSL/TLS mode to Full (Strict).

If it doesn’t work, could you please share your domain name (write it in the format domain DOT tld if you can’t post links).

Hope it helps!

Hi again,

Thank you for your response. I did all the steps mentioned and it still doesn’t work.

Could the problem be with the edge certificates, since I bought an * certificate and now I’m trying to proxy an * domain?

I think you’ve found the issue. Edge certificates only protect by default domain.tld and *.domain.tld.

If you want to protect second-level or deeper subdomains, you’ll need to purchase Advanced Certificate Manager.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.