Getting 525 on CNAME DNS record with valid SNI

ssl

#1

We have a Cloudflare DNS CNAME record to an AWS API Gateway with a custom domain that uses SNI. We are getting a 525 SSL Handshake Failed error.

We went through the steps in the support article (https://support.cloudflare.com/hc/en-us/articles/200278659). We were able to test to make sure the custom domain on the AWS side had a valid SNI configuration (https://www.ssllabs.com/ssltest/analyze.html). We are able to go directly to the custom domain on AWS with no problem, and Chrome and mobile browsers acquire the cert correctly.

We have similar CNAME redirects to ELB URLs (which have certs that do not require SNI) that work perfectly well. We have Full (Strict) SSL turned on, as well as Universal SSL.

