Error 525 - SSL Handshake Fail

Getting Error 525 - SSL Handshake Fail when trying to enable Full (Strict) encryption. Cloudflare origin certificate is installed, and my host has confirmed the following:

“Port 80 and 443 are open and the server is currently using SNI. I did set Client Certificates to “Accept” which was previously set to “ignore” so this could fix the issue.”

Is there anything else I could be missing that would cause this error?

What happens when you pause Cloudflare and hit your server directly? Do you get a successful connection, with a certificate warning that the browser does not recognise the origin certificate?

If you do, the only other explanation would be that your host might possibly block Cloudflare’s IP addresses, though in that case it shouldnt be a 525.

Whats the domain?

1 Like

Good catch. Hitting the server directly results in a non-secure connection, not the error related to a self-signed certificate, so there’s something wrong with the certificate on the server. I’m looking into it now and will update with any additional info.

Domain is https://staging.thsweb.com.