Hello everyone, After getting my SSL Certificate approved nd my site showing secure, I am having this challenge of Error 525 SSL handshake failed. I can’t log in to my server neither my website. please I need urgent help. My domain name: yakrisetrade.com
You do not have a valid certificate on your server, respectively seemingly none at all. Make sure that is the case.
But I was just issued a free certificate yesterday which will expire in October 2020
By whom? Did you configure that on your server?
I did the configuration myself
Does your server IP address end in 51?
I followed some steps through a video
No certificate at that address
$ openssl s_client -connect [YOUR-SERVER-IP]:443 -servername yakrisetrade.com CONNECTED(00000003) 3070160896:error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:../ssl/record/rec_layer_s3.c:1407:SSL alert number 80 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 201 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: PSK identity: None PSK identity hint: None SRP username: None Start Time: 1577956955 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no ---
So what should i do now to get every thing working correctly?
You need to fix your server certificate. You best contact your host about that.
Waoh! Thanks alot
One more thing. Can i use a free cloudflare SSl Certificate?
Because that is what I actually applied for before
Which certificate exactly do you mean? There are two in the context of Cloudflare.
That you cant use as that only applies to the proxies. You can use an Origin certificate but you still need to install this on your server.
That means i will have to go on origin server menu and generate a certificate
That is the challenge am finding at the moment, have been trying that since
But you said you already have a certificate anyhow, right?
I thought initially that it is only the universal SSL that is required