Error 525 SSL handshake failed for Let's Encrypt SSL Website -

I’m having issues getting my website to accept https and the biggest frustration is that it initially worked like a charm until I did something that broke it.

So I’m hosting on a centos 7 server and installed Let’s Encrypt’s certbot package. I have run certbot and I’ve set up a ssl certificate for my website without any issues so my file looks like this:

<Directory /websites/>
        Require all granted
        AllowOverride None

<VirtualHost *:80>
        DocumentRoot /websites/
        ServerAdmin [email protected]
        ErrorLog "logs/brainootropics.com_error_log"
        CustomLog "logs/brainootropics.com_access_log" combined
RewriteEngine on
RewriteCond %{SERVER_NAME}
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

#Listen 443

<VirtualHost *:443>
        DocumentRoot /websites/
#       SSLEngine on
        ServerAdmin [email protected]
        ErrorLog "logs/brainootropics.com_ssl_error_log"
        CustomLog "logs/brainootropics.com_ssl_access_log" combined
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/

Right now the SSL cloudflare configuration tab looks like this:

Where should I look for or what should I try in order to make this work? I’ve followed various tutorials and as far as | can tell this should already be working.

Your SSL/TLS page looks good, but a 525 is because something is really wrong with TLS on your server. I see you’ve set it to Full (not strict), so expiration and hostname shouldn’t be the problem.

If I had this problem, I would go to the Overview section of the Cloudflare Dashboard, and Pause Cloudflare on Site and make sure I could connect with HTTPS. Remember that it takes 5 minutes for the Pause to take effect.

1 Like

Right now the website is disabled from Cloudflare as you have suggested and has a valid Let’s Encrypt SSL certificate but as soon as I enable Cloudflare back again I get the same error. Please also note that I also did a fresh install for the whole webserver. Any other clues?

Was that 525 Error screen a Cloudflare-branded one?

Next step would be to re-enable Cloudflare, and open a Support ticket if you’re still getting the 525 screen.

I don’t remember if it was a cloudflare branded but as far as I can remember, it wasn’t. Either way, rigth now it’s not relevant anymore and I did a fresh install and managed to see the website up and running with Let’s Encrypt SSL enabled while it was disabled from cloudflare as you have suggested. Now I have enabled it and it’s finally working.

Also, I noticed in my fist Cloudflare SSL screenshot that I have disabled Universal SSL and this might have been the reason for the 535 error in the first place so if anyone is getting that please be aware.

I will also post my current Cloudflare SSL settings that finally work.

This topic was automatically closed after 30 days. New replies are no longer allowed.