Currently, I have a domain api.akkadu.com being proxied by Cloudflare to an AWS elastic load balancer. Sometimes it resolves the domain, but the assets return a 525:
While other times, the domain returns a 525 and a “Failed SSL Handshake” error message
The issue sounds to be something to do with my origin certificate, but it’s a relatively new issue since the domain was resolving fine before, though I can’t be sure what’s changed since then.
The application behind the domain is healthy and is able to serve https requests from our Aliyun (China) domain at api.akkadu.cn. That uses an origin certificate issued from Aliyun and installed on our load balancer.
What I’ve tried
- Full (Strict) mode: I’ve generated a new certificate from cloudflare and installed it on my application load balancer, purged the cache, waited, etc.
- Full mode: I’ve removed the certificate from my load balancer and tried to see if Cloudflare could install a self-signed cert onto it (why would this fail?), same error.
- Flexible: I’ve tried seeing if just having an edge certificate would work, but I get a strange error which I think comes from my load balancer rendering the message
Dev: *.*.8.154 Rule(6): *.akkadu.com, 0on the page with an error status of 403.
Any suggestions would be much appreciated, and I’d be happy to provide more information on the problem.