SSL Handshake failed Error 525

xyzashu · December 25, 2020, 1:49am

My domain’s Let’s Encrypt SSL certificate had expired. Therefore, I installed Cloudflare’s Origin Certificate on my website https://greenbusinesspages.in/. But I’m unable to resolve this SSL Handshake Failed Error 525 at Host end:

My SSL/TLS encryption mode is Full (strict)
Forced HTTPS is ON in Cloudflare app and disabled at server.
Universal SSL is enabled
TLS certificate signed by Cloudflare is installed on origin server.
Domain is using Cloudflare nameservers

SSL report by Qualys:

Geocerts SSL Checker report:

My webhost support says to wait for 24 hours but it’s been over a week and the problem still persists. Can any one help figure out what’s wrong?

Thanks!

soldier_21 · December 25, 2020, 1:57am

Hey, do you have a valid certificate on your hosts end? That is, without Cloudflare, is your https certificate valid?

sdayman · December 25, 2020, 2:35am

If that cert is properly installed, then Cloudflare will accept it, and not throw a 525 or 526.

You can test your origin certificate with:
curl -vI --connect-to ::127.0.0.1 https://greenbusinesspages.in

That would be command line on the server itself, or you’d have to put in the server’s actual IP address if you’re testing remotely.

You should see the Cloudflare Origin cert in the response.

xyzashu · December 25, 2020, 5:49am

Thanks for the reply!
Unfortunately, I don’t know where to put command lines or CLI on server.

Is there any other method to do the same?

xyzashu · December 25, 2020, 5:52am

I’ve a valid Cloudflare Origin CA installed on my server.
But I think you’re asking for some other TLS certificate. I don’t have any additional TLS certificate. So obviously, without Cloudflare my https certificate won’t work.

system · January 24, 2021, 1:49am

This topic was automatically closed after 30 days. New replies are no longer allowed.