Some CloudFlare Servers returning Error 525: SSL handshake failed

Hey all,

I am not a newbie with the CloudFlare product, as I have been using it for the last two years.
However, I am facing a very strange issue with one site that I have been struggling with for almost two weeks.
Suddenly, we noticed that under unclear conditions and from certain networks CloudFlare returns Error 525: SSL handshake failed.

We followed the Community Tip for fixing Error 525, but nothing changed:

  1. Verify that Origin SSL is valid (generated by Let's Encrypt).
  2. SSL port 443 is open from our firewall to the public Internet.
  3. Verify that the origin server is properly configured for SNI support.
    “server name”
    TLS server extension “server name” (id=0), len=0
  4. Verified that the origin server has the correct cipher suites.
  5. The web server (NginX) has been configured to log all SSL errors and it doesn't create any related error.
  6. Updated the /etc/hosts file to point directly to the web server: no SSL warning appeared, everything is working correctly and browsers (Chrome & Firefox) display the correct SSL certificate.
  7. Verified that the origin server supports all TLS versions from 1.0 to 1.3.

A few days ago, I made a change on the NginX server (I was forcing the use of https) and that seemed to solve the problem, but only for a few hours; after that we are seeing error 525.
As I said, it only happens in specific IP ranges; from my home Internet it is working like a charm and I have never seen the CloudFlare 525 error.

I also changed the origin's resolv.conf file and set the CloudFlare DNS server, as a colleague of mine suggested, but unfortunately without any obvious change.

Any help or ideas will be duly appreciated.
