My site has been up a while-- without problems. Today I tried to go to it to check a date and got a 525 Error-- SSL handshake failed. The initial error page said that Cloudflare was working, and it was a Host Error.
But when I turn on Develop Mode in Cloudflare…bypass our cache, the page loads fine.
I cleared the Cache on my Browser and Turned the Develop mode on/off and had the same results.
Any ideas? I did not see any reports that Cloudflare or GoDaddy were having issues.
Greetings,
I am sorry to hear you are experiencing an 525 error with your domain name.
Thank you for sharing feedback information.
I can also reproduce the same when I try to access your website from my end.
May I ask did you check if you accessed via HTTP or HTTPS when “bypassed”?
Regarding Cloudflare 525 error, may I suggest you to try looking into below article to troubleshoot the issue:
Furthermore, before moving to Cloudflare, was your Website working over HTTPS connection?
May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?
I assume it should have to be something with the SSL certificate at your origin host/server, for example if the SSL certificate expired or is not valid anymore.
Otherwise, I see there are topics about 525 error and GoDaddy by using 
:
Maybe a helpful article from GoDaddy on their SSL:
Recent topic, GoDaddy and SSL issue here:
Responding to everyone’s comments–
I accessed before and after turning on Develop mode using HTTPS. It is/was reproducible. I will read the Tip tonight.
My SSL is free from Cloudflare and has worked without problems for a while. I had an expired free SSL before I switched to Cloudflare. That was difficult-- deleting it never removed it. I ended up going through several tiers of support at GoDaddy, before they discover it was not being deleted. They manually deleted it. (My best understanding of what happened).
Cloudflare is set as Full Strict.
Cloudflare SSL should not be expired. It had a real long expiration date.
RE: Mistyped… it was correct. Not sure why you got a coming soon.
My site is https://www.dellazanna.com/
Thanks
Thank you for sharing your helpful experience and feedback information.
I can see it’s working now, proxied and over HTTPS when I access it, at least on my end. Could you confirm?
The Develop Mode was ON when you accessed it. I just shut it off. You might need to clear your browser cache to recreate the error.
I just confirmed the issue is still present. Cleared Cache 1st.
Try it again after clearing cache.
Thanks for your help…
Sorry for the trickle in of information.
I checked in Cpanel. It shows I have a CloudFlare Origin Certificate that expires in 2036
In CPanel… it says my site’s Shared IP Address is {redacted} When I use that Address, I get the Coming Soon page that someone already mentioned.
With Development Mode on, I thought the page loaded OK-- the Hero Image and menu showed up correctly. It is a single page website, with links. None of the links now take you to the correct section. So, I do not think the Page is actually loading.
Currently, I see it’s working over HTTPS, and also proxied (by the IP) for A record.
In one moment, I saw some issues with loading resources like CSS, JS and images.
And 525 error.
If that so, your SSL option should be set to Full (Strict) SSL under the SSL/TLS tab of Cloudflare dashboard for your domain name:
And your A www and A dellazanna.com (or if using a CNAME setup then CNAME) DNS records both proxied and set to 
It has been and is still set to Full (Strict)
I have made any recent changes to my DNS settings. I believe they are still correct.
Note CNAME uses dellazanna.com and A type uses IP address
Now I got 525 back:
UPDATE - after refresh, working again:
I am not sure what the issue is here, but something with SSL at origin host/server.
I could suggest to contact GoDaddy, but unaware if they would be able to resolve it.
UPDATE: I have been on hold and talking to GoDaddy for the past 1.25 hours… You might have tried it after we worked on it.
I NOTE: GoDaddy Always says it is a CloudFlare issue. So realize that when I post what they said.
They said “The site’s IP Address is not propagating correctly on the Cloud Flare’s Server” and some issues were cache related.
I purged the CloudFlare Cache on CloudFlare page and changed SL/TLS encryption mode to Full-- it was Full Strict. That is what they recommended.
After that the site started working.
Any idea if GoDaddy is correct? Any way to request CloudFlare to check if IP Address is not propagating correctly?
Another Update… The site only works when in Develop Mode (on) . Full Strict works is in Develop Mode (on).
Does anyone know what would make a site only work when in Develop Mode and it seems Purging the Cache also helped by making the problem more consistent?
Again, thanks everyone for your help
I just shut off Development Mode… in case it needs to be off for you to test.
Update… Troubleshooting
I do not know if any of these steps will help identify the source of the issue.
The site will load when Development Mode is ON
The site will work with Development Mode OFF , if CloudFlare is Paused. As expected, the site goes back to HTTP and Chrome makes it very hard to access.
Can you tell if this is on the GoDaddy side or the CloudFlare side?
Any potential restoring the website from a July 2021 save would fix it— I do not think so, but figured I ask.
Thanks for the continued help…
Kindly, thank you for providing us with feedback information regarding your issue.
I see from now on you are using Cloudflare Origin CA Certificate - which throws as expected “not trusted” in a Web browser when hostname is unproxied 
(DNS-only) as follows:
Site visitors may see untrusted certificate errors if you pause or disable Cloudflare on subdomains that use Origin CA certificates. These certificates only encrypt traffic between Cloudflare and your origin server, not traffic from client browsers to your origin.,
From now on, while using Cloudflare Origin CA Certificate, you should set your DNS records (for www and domain name) to proxied and set to .
Therefore under the SSL/TLS tab choose Full (Strict) SSL option.
Turn off the Development mode / un-pause the “Pause Cloudflare for this site” option.
After that, wait for few minutes and we can re-check again if your Website is loading fine over HTTPS.
Helpful source:
I understood why I was getting the unsecured warning… I was not using CloudFlare. I was just trying to troubleshoot and found that the site could load with it off.
I restored the setting you mentioned.
As a time reference—It is 3:45pm EST.
Development Mode is Off
Cloudflare on Site is enabled
SSL/TLS is Full (strict)
I believe I have all the Proxy setting correct, I did not change them.
Thanks for helping.
Kindly, may I ask you to consider masking/hiding the origin IP address from your screenshot while sharing to public for further cases. You can Edit your answer and replace the original image. Please, do so.
Furthermore, thank you for feedback.
Now that’s interesting. The moment when you switched them to be correctly configured, I did saw in one momemt a 525 error 
Nevertheless, after hitting the refresh button, website loads okay without it.
In another web browser, the same behaviour and I see the upper banner saying:
This website www.dellazanna.com/ is currently offline. Cloudflare’s Always Online™ shows a snapshot of this web page from the Internet Archive’s Wayback Machine. To check for the live version, click Refresh .
I am afraid it should be something with the origin host/server on GoDaddy
Kindly, I would suggest you write a ticket to Cloudflare support due to your domain issue and share the ticket number here with us so we could escalate this issue:
Thanks… I did not realize the IP address should be secured. I deleted it.
I tried to generate a ticket… I could not. I will submit a summary of the issue by e-mail.
I just sent the e-mail with a summary of the issue.
Thank you, I’ve escalated it to Cloudflare team.
Kindly and patiently wait for a reply and continue to provide helpful feedback to the to successfully resolve the issue
Will do… Thanks!
