Thank you for providing the link. It looks like it should be supported, but clearly there’s something else wrong. I still get an 525 error for SSL connection.
When I run the subdomain against SSL Labs test I get an A+ back (I’ve enabled TLS 1.2 temporarily and still get the same thing). I was getting an A back prior to enabling TLS 1.2 - but that’s because it was strictly set to TLS 1.3.
When running the openssl client command I get back a positive as well:
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
Regardless, very odd. I guess I’ll have to open a ticket.