`Origin CA certificate` with `SSL handshake failed Error code 525` in nginx

What is the name of the domain?

uesugiyuki.com

What is the error number?

525

What is the error message?

SSL handshake failed

What is the issue you’re encountering?

Cannot access the website server

What steps have you taken to resolve the issue?

I uploaded Cloudflare Origin RSA PEM to /etc/ssl/certificate_ca.pem and tried the following methods:

  1. add `ssl_trusted_certificate /etc/ssl/certificate_ca.pem;` to the nginx server config
  2. append the content of certificate_ca.pem at the end of certificate_ca.pem
  3. change server_name between IP and domain
  4. change encryption mode between Full (strict) and Full

Was the site working with SSL prior to adding it to Cloudflare?

No

What is the current SSL/TLS setting?

Full (strict)

What are the steps to reproduce the issue?

OS: CentOS 8.4 64bit SCC
Nginx: nginx/1.14.1

  1. add a DNS record of type A
  2. SSL/TLS > Origin Server > Create Certificate, using RSA
  3. download the Origin Certificate, Private Key, and Cloudflare Origin RSA PEM in PEM format
  4. configure the server in nginx.config as in the picture and restart nginx

The steps are based on the documents "Origin CA certificates" and "Nginx: Create CSR & Install SSL Certificate (OpenSSL)".

For configs and other info, see the picture.

Screenshot of the error

Document’s link

https://www.digicert.com/kb/csr-ssl-installation/nginx-openssl.html

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.
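
An added example, not part of the original post or of Cloudflare's or nginx's documentation: a small Python check of the nginx side of the setup described in the steps above, confirming that a `server` block listening on 443 enables TLS and sets both `ssl_certificate` and `ssl_certificate_key`. The sample config and the `origin_cert.pem` / `origin_key.pem` paths are constructed; `ssl_trusted_certificate` is flagged when it stands alone because nginx uses it to verify client certificates and OCSP responses and does not send it to clients.

```python
import re

# Constructed sample, not the poster's config (theirs is only in a screenshot).
SAMPLE_CONF = """
server { listen 80; server_name example.com; }
server {
    listen 443;                       # no "ssl" parameter
    ssl_trusted_certificate /etc/ssl/certificate_ca.pem;
}
server {
    listen 443 ssl;
    ssl_certificate     /etc/ssl/origin_cert.pem;   # hypothetical paths
    ssl_certificate_key /etc/ssl/origin_key.pem;
    location / { root /usr/share/nginx/html; }
}
"""

def server_blocks(conf):
    """Yield the directives written directly inside each server { } block."""
    conf = re.sub(r"#[^\n]*", "", conf)             # drop comments
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, text = 1, ""
        for c in conf[m.end():]:
            depth += (c == "{") - (c == "}")
            if depth == 0:
                break
            if c == "{":
                text = text[:text.rfind(";") + 1]   # discard nested block header
            elif depth == 1 and c != "}":
                text += c
        yield [part.split() for part in text.split(";") if part.strip()]

def check_tls_server(directives):
    """Return findings for a block listening on 443, or None for other blocks."""
    names = {d[0] for d in directives}
    on_443 = [d[1:] for d in directives
              if d[0] == "listen" and len(d) > 1 and re.search(r"(^|:)443$", d[1])]
    if not on_443:
        return None
    findings = [f"{n} is not set" for n in ("ssl_certificate", "ssl_certificate_key")
                if n not in names]
    # "ssl on;" is the older spelling still accepted by nginx 1.14
    if not any("ssl" in a[1:] for a in on_443) and ["ssl", "on"] not in directives:
        findings.insert(0, "listen 443 lacks the ssl parameter")
    if "ssl_trusted_certificate" in names and "ssl_certificate" not in names:
        findings.append("ssl_trusted_certificate is not sent to clients")
    return findings

def audit(conf):
    """One findings list per 443 server block; an empty list means no findings."""
    return [f for f in map(check_tls_server, server_blocks(conf)) if f is not None]
```

On a real host, run it over the output of `nginx -T`, which prints the effective configuration with includes resolved.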