Fetch from AWS API Gateway fails from worker with Error 525 revealing the origin URL in error page

Has anyone found a solution? @lovasoa ?

This drives me mad for a few hours. Tried all the global/page SSL settings combinations possible (off, flexible, full, strict), no change.

Kenton Varda: (Note: The “SSL Handshake fail” error itself is actually a known bug in Workers, that happens when you try to talk to a host outside your zone using HTTPS but you have “flexbile” SSL set. We do not use flexible SSL when talking to domains other than your own, but there’s a bug that causes the request to fail instead of just using full SSL as it should.)

Can we get a public status on such a bug? Is it reasonable to expect it to be fixed now?

My domains:
https://cf.thisweekinreact.com/
https://this-week-in-react.pages.dev/

Code: https://github.com/slorber/this-week-in-react/blob/main/app/routes/index.tsx#L54

I just send a request to some https API:

async function subscribeToRevue({
  email,
  revueSecretKey,
}: {
  email: string;
  revueSecretKey: string;
}) {
  const REVUE_SUBSCRIBE_API = "https://www.getrevue.co/api/v2/subscribers";

  const revueFormData = new FormData();
  revueFormData.append("email", email);
  revueFormData.append("double_opt_in", "true");

  const result = await fetch(REVUE_SUBSCRIBE_API, {
    method: "POST",
    headers: {
      Authorization: `Token ${revueSecretKey}`,
    },
    body: revueFormData,
  });

  return result;
}

There’s nothing fancy being done, and it’s quite similar to your Egghead + Unsplash tutorial here: Expert led courses for front-end web developers. | egghead.io

This works fine in Wranger/dev. I also got this working on Vercel in 3 minutes, while I’m struggling for hours to make it work on CF. I really wanted to give a try CF workers but this is a pain atm and I think I’m just going to move back to Vercel :cry:

Looks related to:
https://tipsfordev.com/cloudflare-workers-fetch-https-works-on-workers-dev-subdomain-but-not-on-own-subdomain-getting-525-error

Also can forward the log that API call returns:

# Error 525

Ray ID: 6d9eb373ca1b40b1 • 2022-02-07 18:32:27 UTC

## SSL handshake failed

You

### Browser

Working

Paris

### Cloudflare

Working

cf.thisweekinreact.com

### Host

Error

## What happened?

Cloudflare is unable to establish an SSL connection to the origin server.

## What can I do?

### If you're a visitor of this website:

Please try again in a few minutes.

### If you're the owner of this website:

It appears that the SSL configuration used is not compatible with Cloudflare. This could happen for a several reasons, including no shared cipher suites. [Additional troubleshooting information here.](https://support.cloudflare.com/hc/en-us/articles/200278659)

Cloudflare Ray ID: **6d9eb373ca1b40b1** • Your IP: 2a01:cb00:ca6:de00:59c3:19b8:ed3:9294 • Performance & security by [Cloudflare](https://www.cloudflare.com/5xx-error-landing)