Spurious HTTP 525 Errors After Replacing Origin Cert

Answer these questions to help the Community help you with Security questions.

What is the domain name?
ananda4life (dot) com

Have you searched for an answer?
Yes

Please share your search results url:
Don’t have permissions to share urls; but have read the 2 main entries in this forum about 525 errors

When you tested your domain using the [Cloudflare Diagnostic Center], what were the results?
The “Check HTTPS status” failed with a non-200 result

Describe the issue you are having:
Our SSL cert was mistakenly removed by our hosting provider overnight, causing Cloudflare to (properly) return HTTP525 errors. Installed a new cert on the server & verified it was being used. Now Cloudflare intermittently returns an HTTP525 error (commonly on soft page reloads, but rarely on hard reloads). Activating Developer Mode appears to prevent 525s as a workaround. Purging the cache (both in-browser, and in-Cloudflare) appears to have no effect.

What error message or number are you receiving?
HTTP525: SSL handshake failed

What steps have you taken to resolve the issue?

  1. Reinstalled SSL cert on origin
  2. Flushed browser cache + tested with new browser
  3. Purged Cloudflare cache – appears to have had no effect
  4. Flushed browser cache + tested with new browser
  5. Activated Cloudflare Developer Mode – appears to make the issues stop outright (both for main browser, and on new browsers)

Was the site working with SSL prior to adding it to Cloudflare?
N/A

What are the steps to reproduce the error:

  1. Open site in fresh browser, w/ Cloudflare Developer Mode inactive

Have you tried from another browser and/or incognito mode?
Yes

Please attach a screenshot of the error:
Disallowed by server; but it’s the “normal” HTTP525 error page saying Cloudflare couldn’t communicate w/ origin

Should say “Cloudflare Development Mode” rather than “Cloudflare Developer Mode”

Correction: Development Mode is not a workaround.

This appears to be a GoDaddy issue – pinging their site directly still triggers the behavior (though less often). Working it out with them; will update here if I receive useful info from them.

Greetings,

Thank you for asking and for sharing feedback.

It seems to me it’s working fine, at least from my end. Can you confirm?

Otherwise, try answering the questions from below and follow the steps to troubleshoot.

Before moving to Cloudflare, was your Website working over HTTPS connection?

Kindly, before doing anything at Cloudflare settings, you could determine if you have a valid SSL certificate installed at the origin host/server by your web hosting provider or your own VPS/dedicated server by following the steps below:

  1. Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at dash.cloudflare.com .
  2. The link is in the lower right corner of that page.
  3. Give it five minutes to take effect, then make sure site is working as expected with HTTPS.
  4. Check with your hosting provider / cPanel AutoSSL / ACME.sh / Certbot / Let’s Encrypt or some other and renew it accordingly.
  5. Only then should you un-pause Cloudflare and double-check your SSL/TLS setting to make sure it’s Full (Strict).

May I ask what SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?
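
The direct-to-origin check discussed in this thread, as an added example that is not part of any post: it repeats a verified TLS handshake against the origin, bypassing Cloudflare, and classifies the outcome as healthy, broken or intermittent. The function names, the attempt count and the command-line arguments (origin IP and hostname) are assumptions of this example.

```python
import socket
import ssl
import sys
from collections import Counter


def handshake(origin_ip, hostname, port=443, timeout=5.0):
    """One TLS handshake straight to the origin, verifying chain and hostname.

    Returns "ok" or a short failure label. A Cloudflare Origin CA certificate
    is accepted by Full (Strict) but not by the system trust store used here,
    so it is reported as a "cert:" failure.
    """
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((origin_ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname):
                return "ok"
    except ssl.SSLCertVerificationError as exc:
        return "cert: " + exc.verify_message
    except ssl.SSLError as exc:
        return "tls: " + (exc.reason or "handshake failed")
    except OSError as exc:  # refused, reset or timed out
        return "net: " + type(exc).__name__


def survey(probe, attempts=30):
    """Call probe() repeatedly and classify the origin's behaviour."""
    results = Counter(probe() for _ in range(attempts))
    failures = attempts - results["ok"]
    if failures == 0:
        verdict = "healthy"
    elif failures == attempts:
        verdict = "broken"        # every handshake fails, e.g. no valid cert
    else:
        verdict = "intermittent"  # some handshakes fail, matching sporadic 525s
    return verdict, dict(results)


if __name__ == "__main__":
    if len(sys.argv) == 3:
        ip, name = sys.argv[1], sys.argv[2]
        print(survey(lambda: handshake(ip, name)))
    else:
        print("usage: python probe.py <origin-ip> <hostname>")
```

An "intermittent" verdict obtained this way points at the origin or hosting provider rather than at Cloudflare, since the probe never touches the proxy.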

It is working fine; it was a GoDaddy issue. Thank you.
