Error 525, SSL handshake failed

Hi, there.
I got a difficult problem: I couldn’t access my website when I tried “Full” or “Full(strict)” mode through Cloudflare, and I got error 525. It has bothered me for a few days and I don’t know how to figure it out.

I followed the community tips about Error 525, but none of them worked.

Here’s my nginx conf. I used the Cloudflare origin server to generate the SSL certificate and added it to /etc/ssl/ca-bundle.crt.


#user  nobody;
worker_processes  auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  logs/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
    keepalive_timeout  65;
    #gzip  on;
    server {
        listen       80;
        server_name  localhost;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen       443 ssl;
        server_name  gogs.lifeasy.space;

        ssl_certificate      cert/cloudflare/gogs/domain_bundle.crt;
        ssl_certificate_key  cert/cloudflare/gogs/domain.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers  on;

        location / {
            proxy_pass   http://publicIp:3000;
        }
    }

}

and here is my nginx error.log info.

2022/04/13 04:48:57 [info] 265971#0: *1776 peer closed connection in SSL handshake (104: Connection reset by peer) while SSL handshaking, client: 162.158.146.70, server: 0.0.0.0:443
2022/04/13 04:49:01 [info] 265971#0: *1777 peer closed connection in SSL handshake (104: Connection reset by peer) while SSL handshaking, client: 162.158.146.70, server: 0.0.0.0:443

I haven’t a clue about this problem, and I don’t know what I should try next.
I’d be glad to see any reply on this topic, thx. (By the way: sorry about my terrible English, just forget it)

I would pause Cloudflare and check if the server properly handles SSL. It most likely won’t and you will need to make the necessary adjustments, so that your site loads fine on HTTPS without Cloudflare.

Once it does, it should also work on Cloudflare.

1 Like
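
The check suggested in the reply above, as an added example (not part of the thread and not Cloudflare tooling): a Python probe that handshakes with the origin directly, sending the site's hostname as SNI. The origin IP is supplied by the operator; a Cloudflare Origin CA certificate is not in public trust stores, so `publicly_trusted` is expected to be false for it even when the handshake works.

```python
import socket
import ssl
import sys


def probe_origin_tls(ip, sni, port=443, timeout=5.0):
    """Handshake with the origin directly, with no Cloudflare proxy in the path."""
    report = {"tcp": False, "handshake": False, "publicly_trusted": False, "detail": ""}
    # Pass 1 skips certificate verification so that a protocol/cipher/key failure
    # is not confused with a trust failure. Pass 2 verifies against the system store.
    for verify in (False, True):
        ctx = ssl.create_default_context()
        if not verify:
            ctx.check_hostname = False
            ctx.verify_mode = ssl.CERT_NONE
        try:
            raw = socket.create_connection((ip, port), timeout=timeout)
        except OSError as exc:
            report["detail"] = f"TCP connect failed: {exc}"
            return report
        report["tcp"] = True
        try:
            # server_hostname sets SNI, so nginx picks the intended server block.
            with ctx.wrap_socket(raw, server_hostname=sni) as tls:
                if verify:
                    report["publicly_trusted"] = True
                else:
                    report["handshake"] = True
                    report["detail"] = f"{tls.version()} {tls.cipher()[0]}"
        except ssl.SSLCertVerificationError as exc:
            report["detail"] += f"; chain not publicly trusted ({exc.verify_message})"
        except (ssl.SSLError, OSError) as exc:
            report["detail"] = f"TLS handshake failed: {exc}"
            return report
        finally:
            raw.close()
    return report


if __name__ == "__main__":
    # Usage: probe.py ORIGIN_IP HOSTNAME (for this thread: gogs.lifeasy.space)
    if len(sys.argv) != 3:
        sys.exit("usage: probe.py ORIGIN_IP HOSTNAME")
    print(probe_origin_tls(sys.argv[1], sys.argv[2]))
```

If `handshake` is false here as well, the fault is on the origin (listener, certificate and key files, protocol or cipher settings) rather than in Cloudflare.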

Thanks for your reply, it’s a very important thought that I never thought of, I’ll try it right now. Thanks again.
