Regarding 5xx errors:
https://support.cloudflare.com/hc/en-us/articles/115003011431-Troubleshooting-Cloudflare-5XX-errors
Regarding the error 525, kindly check this two articles (one has the same title as above one, but is pointing to 525 error):
https://support.cloudflare.com/hc/en-us/articles/115003011431-Troubleshooting-Cloudflare-5XX-errors#525error
May I ask what SSL option (Flexible, Full, Strict) have you got selected under SSL/TLS tab on Cloudflare dashboard for your domain?
Therefore, have you got an valid SSL certificate installed on your host origin/server which covers both your main domain and other sub-domains?
Here is a way to re-check if correctly setup the SSL with Cloudflare:
To troubleshoot more about SSL issues:
Regarding available SSL options at Cloudflare dashboard, check here:
By this statement I assume you have successfully implemented the steps from below article?:
https://support.cloudflare.com/hc/en-us/articles/201897700-Allowing-Cloudflare-IP-addresses
Cloudflare IP address list can be found on below article:
May I ask, but, have you saved your iptables on your server, or any other IDS to apply the changes?
If any requests passed to the origin, you should see the Cloudflare IP address there.
Do you have SSL enabled for your application at your Web server (Apache config or Nginx vhost file)?
Can you ping in/out?
Furthermore, is your app/web server working over 443 or some other port compatible HTTPS with Cloudflare one’s from the list below?:
https://support.cloudflare.com/hc/en-us/articles/200169156-Which-ports-will-Cloudflare-work-with-
What happens when you temporarly disable Cloudflare? (Pause or put to Development mode or make 
records to 
)
Just in case, there is a way to go with Cloudflare CA Origin Certificate using the steps from below to achieve Full (Strict) SSL :
I really hope we can resolve it here using suggestions and recommendation, in case not, maybe @cloonan could take a look at your ticket.