I have a worker that get its data from a AWS API Gateway endpoint.
While this works fine in the online Worker Editor , when it deployed and worker endpoint is invoked from outside world it fails with following error :
Error 525 Ray ID: 48c3984a64e49668 • 2018-12-20 16:48:09 UTC
SSL handshake failed
AWS endpoint is in following format XXXXX.execute-api.us-east-1.amazonaws.com
I have verified from browser by hitting the origin directly that the certificate is at-least valid for Chrome browser (The cert itself appear to be a wildcard one , one served for all *.execute-api.us-east-1.amazonaws.com endpoints). As per the help page for 525 , there will be other issues like cipher suite used by AWS may not be supported by CF , that is something I need some help from CF to check.
Second problem is , the error page shown to end customers is revealing the origin in error page. I’m hoping to use CF rate limiting to protect the endpoint and don’t want anyone else to know the real URL. So I would like to know how I can stop CF from doing this.
Any help / pointers on this are highly appreciated.