SSL errors (525) when using Google Sites as origin server

Note that this is about www.ccjazzmen.com. I also own www.jnramasamy.com which is set up in exactly the same way, but the latter site works just fine, while the former is broken. I can’t seem to find any differences, help!

  • In both cases, I have moved the domain registrar to Cloudflare, and Cloudflare’s DNS uses a CNAME to point www to ghs.googlehosted.com. as per Google Sites’ instructions.
  • In both cases, the CNAME is proxied using Cloudflare’s proxies, and uses Full (strict) SSL between Cloudflare and origin servers.
  • I have redirect rules in place to rewrite apex domains to a www subdomain in both cases, as per these instructions on the Cloudflare docs under “redirecting the apex domain to a subdomain” (the redirect works fine, as expected).

Answer these questions to help the Community help you with Security questions.

What is the domain name? ccjazzmen.com

Have you searched for an answer? Yes

When you tested your domain, what were the results?
SSL handshake failed Error code 525

Describe the issue you are having:
Cloudflare cannot establish connection to the origin server

What error message or number are you receiving?
SSL handshake failed Error code 525

What steps have you taken to resolve the issue?

  1. Ensure full (strict) SSL between origin and Cloudflare
  2. Removed DNS CNAME (which pointed to ghs.googlehosted.com. and re-established
  3. Tried switching off proxying for DNS CNAME
  4. Removed and re-established external domain on Google Sites
  5. Purged all caches using Cloudflare’s dashboard

Was the site working with SSL prior to adding it to Cloudflare?
Yes. These domains were on ionos.com with DNS managed there as well prior to moving to Cloudflare. Everything worked fine there.

What are the steps to reproduce the error:

  1. Browse to the naked domain or the www subdomain

Have you tried from another browser and/or incognito mode?
Yes

Screenshots
The error message:

Error as detected on Google Sites:

Google Sites help doc relating to the error:

1 Like

Hi manik,

I’m able to access your site (www.ccjazzmen.com), so I guess you’re no longer getting the 525 Error anymore?

I had the exact same problem as you and I finally fixed it.

I “fixed” it by disabling proxying, and just using Cloudflare for DNS. It’s not ideal but at least it works.

I moved the old setup to “test.ccjazzmen.com”, so I can continue working on it. It still doesn’t work, exhibiting the same problem.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.