SSL Handshake Failed on Renewal

#1

Hi, so just until now I was able to access my site perfectly. Now, I realized that the Letsencrypt certificates on my server expired, so I renewed them, and now I get the 525 Handshake Failed error. I am using SSL Full and I can’t figure out what’s wrong. I do think I made all the right steps to renew my server certificate, and I tried disabling CloudFlare on the website but I’m still seeing the 525 Handshake Failed page, so CloudFlare is not actually being disabled (maybe I should delete CloudFlare’s cache?). But like I said, my previous server certificates were working just fine, it’s the renewal that’s not working with CloudFlare.

#2

Also, I renewed a second certificate on my server (for another site that has CloudFlare disabled) and that one works fine. The browser shows my updated Letsencrypt certificate.

#3

Make sure the certificate on your server is actually valid.

#4

I do think it is since the certificate I generated for my other site (what I mentioned in my reply) works fine. The only difference is that the second site doesn’t go through CloudFlare, like the first one does. So it almost seems like my certificate is valid but CloudFlare doesn’t like something about it. What could it be? And how would I check if my certificate is “actually valid”?

#5

Do you feel comfortable to post your server IP here?

#6

Not really. But why?

#7

If we don’t know the address we can’t check it.

I can only offer you to run a check of your IP and domain on sitemeer.com and post here the time when you checked.

#8

I’ll check it in a bit. But my server hosts multiple domains, so does that site verify a corresponding certificate for each?

#9

The site does not check the certificate but it allows you to reveal your IP address to me without publicly posting it.

#10

Oh ok. But can you tell me how to check it so I can do it myself? Also, I don’t know if this matters, but there are some domains in that server that don’t have SSL configured (I actually removed their SSL configurations when I renewed the rest). I don’t think it matters since my understanding of this is that CloudFlare looks for the SSL Certificate for a specific domain, so the SSL configuration of the other domains is irrelevant, but maybe I’m wrong and that’s the problem.

#11

For this I’d advise to use a search engine of your preference.

If everything is properly configured it shouldn’t matter.

The information that we need right now is your domain and the IP address of your server.

#12

So I just checked with an SSL checker online and it does seem like it doesn’t find an SSL certificate for my domain, which I find very strange. I generated the certificate with certbot and followed the steps it told me to, plus, it said “Congratulations! Your certificate was created…”. In nginx I have the .pem file and the .key file in the ssl folder and in my sites-available folder, the domains point to their respective ssl certificate/key in the ssl folder. I don’t know what else I could be missing.

#13

You might want to clarify this on an Nginx-specific forum in this case. They should be able to assist you further.

#14

I fixed it. The problem was indeed that the other domains in the server didn’t have SSL certificates… Weird.

closed #15

This topic was automatically closed after 30 days. New replies are no longer allowed.
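
Added example, not part of the original thread: one way to answer the "how do I check it myself" question from #10 on a server that hosts several domains. It connects straight to the origin IP, sends the domain as SNI so the server selects the certificate for that name, and reports what the handshake and certificate show. The function names and the 30-day warning threshold are assumptions made for this example.

```python
import socket
import ssl
from datetime import datetime, timezone

def san_matches(cert, hostname):
    """True if hostname matches a DNS subjectAltName (one left-most wildcard label)."""
    host = hostname.lower().rstrip(".")
    for kind, value in cert.get("subjectAltName", ()):
        pattern = value.lower()
        if kind != "DNS":
            continue
        if pattern == host:
            return True
        if pattern.startswith("*.") and "." in host and host.split(".", 1)[1] == pattern[2:]:
            return True
    return False

def evaluate_cert(cert, hostname, now=None, warn_days=30):
    """Return a list of problems for a getpeercert()-style dict; empty means usable."""
    if not cert:
        return ["no certificate presented"]
    now = now or datetime.now(timezone.utc)
    not_after = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    problems = []
    if not_after <= now:
        problems.append(f"expired on {not_after:%Y-%m-%d}")
    elif (not_after - now).days < warn_days:
        problems.append(f"expires in {(not_after - now).days} days")
    if not san_matches(cert, hostname):
        problems.append(f"certificate does not cover {hostname}")
    return problems

def check_origin(ip, hostname, port=443, timeout=5):
    """Handshake with the origin IP directly (bypassing any proxy), using hostname as SNI."""
    ctx = ssl.create_default_context()  # verifies chain, expiry and hostname
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                return evaluate_cert(tls.getpeercert(), hostname)
    except ssl.SSLCertVerificationError as exc:
        return [f"verification failed: {exc.verify_message}"]
    except (ssl.SSLError, OSError) as exc:
        return [f"handshake failed: {exc}"]

if __name__ == "__main__":
    import sys
    # usage: python check_origin.py <origin-ip> <hostname>
    if len(sys.argv) == 3:
        print(check_origin(sys.argv[1], sys.argv[2]) or "certificate OK")
```

Running it once per hosted domain against the same origin IP shows which names get a valid certificate and which fail the handshake.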