SSL handshake failed 525

What is the name of the domain?

iconnectcounseling.org

What is the error number?

525

What is the error message?

SSL Handshake failed

What is the isssue you’re encountering

SSL handshake failed

What steps have you taken to resolve the issue?

Followed all the steps mentioned, no progress

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

Screenshot of the error

Please pause Cloudflare for you domain and keep it that way until the error is resolved.

Yes I paused the Cloudflare on site as you said. But is it the way to resolve it. The cloud run domain mapping is still not active, it been processing for more than 12 hours now. Are there any other solution on how to fix this? I’m a beginner, it’s hard get around these networking terms.

The site is currently not paused.

Yeah I paused the Cloudflare site as suggested and when i checked back after 2 hours, the cloud run domain mapping was successful and it was showing a green tick checkmark. So I visited my domain registered with Cloudflare on chrome to see if I can access my website and I was able to access it and see my landing page. Don’t know how it worked out on pausing the Cloudflare site. So I thought to resume the Cloudflare site as it was now accessible. Please let me know to keep it paused or is it okay now to resume it.

The problem is most likely that Cloudflare interfered with the automatic certificate renewal process done by your hosting provider.

Pausing Cloudflare would allow the certificate renewal to take place, but the same problem will occur again 3 months from now.

There are things that can be done in Cloudflare to allow for the certificate renewal, but it’s getting a bit late here, so I’ll look for a post with the instructions for this tomorrow.

2 Likes

You have no idea how grateful I am for your guidance. I was stuck at this problem for atleast 2 weeks now. Thank you so much for your insight. Please share that post when you can, I will be really needing it. Also, curious why this will happen again after 3 months and how do I prevent it. If you don’t mind, please suggest some resources to learn about these networking basics and how all this works. Thank you once again :pray:

Because the certificate is most likely valid for 3 months, after which it needs to be renewed again. And pausing Cloudflare each time isn’t really the solution.

I’ll explain that tomorrow.

That’s very open ended. There are enough resources to keep you busy for a lifetime, so how deep does your curiosity run?

Basically I want to stay on top of the networking logic involved in cloud environments/architectures because I’m using google cloud a lot for all my recent development projects. I am beginning to know how important is the networking aspect to a software developer/engineer, and I was wondering what’s the bare minimum that every individual in this professional show know about networking. Thanks :pray:

Here is the post from @epic.network that explains how to manage the certificate renewal with Cloudflare activated:

I’ll get back to you on that later.

4 Likes
  • TCP, UDP and when to use which
  • IP addresses (IPv4, IPv6), Subnets and CIDR ranges
  • LAN vs WAN
  • Sockets, Ports and their relationship
  • TLS, Certificates (Common Name, Subject Alternate Name) and Chain of Trust
  • Especially issuing of certificates (CSR, ACME Challenge and issuers)
  • Forward Proxy and Reverse Proxy
  • General function of DNS and the different DNS records. Take a closer look at CNAME and SRV records. Many people misunderstand CNAME records, and so many applications should use SRV records but don’t, and I’m sure it’s because the developers just didn’t know anything about it.
  • HTTP, request types, error codes, headers (especially host header)
  • HTTP security headers
  • It also doesn’t hurt to understand how email works, though I wouldn’t put that into the “bare minimum” category.
  • Encoding, the bane of all existence.

That’s what comes to my mind off the top of my head. I’m sure there are a lot of important topics I forgot about here, but maybe other’s have some ideas to contribute.

As for resources, it depends on whether you want a deep understanding of the involved topics or just working knowledge.

For working knowledge, hanging out in forums like this or the LetsEncrypt forum helps a lot. Especially when it comes to debugging problems in your configuration.

When it comes to System Design, something more foundational might be appropriate. The main problem in my experience isn’t to find information on a topic, but knowing which topics you need to research in more depth.

So textbooks like Tanenbaum’s “Computer Networks” that touch on almost everything without going into too much detail are good for an introduction. When you want to know mroe about a specific topic, it’s really easy to find more information.

The Mozilla Foundation also has excellent documentation on all things internet:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.