Question: About 525 SSL handshake failed, my two domains have valid SSL certificates, so can I just ignore them and using the CloudFlare Flexible SSL insteal of Full SSL?
crypto-cloudflare
Answer: The way our ssl works is that we present the customer with our own certificate from them to our edge network, and from our edge to your origin we communicate depending on your settings. If you login to your cloudflare dashboard and look in the crypto section you’ll see the options – Flexible, Full, and Full strict.
- Flexible – Visitor sees cloudflare ssl. Origin must communicate to us over http.
- Full – Visitor sees cloudflare ssl. Origin can used a self signed or verified certificate.
- Full Strict – Visitor sees cloudflare ssl. Origin must use a certificate from a CA.
In this case you can change the setting to flexible but that will cause us to communicate to your origin via http only and not over SSL. I don’t believe there is any reason to change this though. Usually when your server starts throwing errors such as 503’s or 500’s other errors will come up because the origin is struggling to persist connections. In the case of ssl it was probably able to start a connection but did have enough resources to finish the ssl handshake. This is less an ssl problem that it is an over all origin issue.
–EOF (The Ultimate Computing & Technology Blog) —
loading...
Last Post: Adsense Brings The Page-Level Ads
Next Post: Mod_PageSpeed Reports Slow Write Operation on File
After 1 week letter I change Flexible to Full Strict HTTPS, now my web site Showing Error
SSL handshake failed, How ( Full Strict ) work.
Please Help me