525 SSL Handshake Failed
525
SSL Handshake Failed
Example HTTP Response
HTTP Response
HTTP/1.1 525 SSL Handshake Failed
Server: cloudflare
Content-Type: text/html
<html><body>SSL handshake failed</body></html>Common Causes
- Origin server SSL certificate is invalid or expired
- Origin doesn't support SSL/TLS on specified port
- SSL/TLS version mismatch (origin uses outdated TLS)
- Cipher suite incompatibility
- Origin certificate is self-signed (with Full Strict mode)
- Origin SSL configuration errors
- Cloudflare SSL mode set to Full/Full Strict but origin uses HTTP
Technical Details
What does this mean?
Secret handshake failed! Cloudflare and your origin server tried to do the security handshake but couldn't agree on how to do it. It's like two spies who forgot the password.
Technical Definition
Cloudflare could not negotiate an SSL/TLS handshake with the origin server.
Code Snippets
Ready-to-use code for returning this HTTP status in your application:
Node.js
// Express.js
app.get('/example', (req, res) => {
res.status(525).json({
error: 'SSL Handshake Failed',
message: 'Your error message here'
});
});
// Native HTTP
const http = require('http');
http.createServer((req, res) => {
res.writeHead(525, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({
error: 'SSL Handshake Failed',
message: 'Your error message here'
}));
}).listen(3000);Related Status Codes
525 SSL Handshake Failed FAQ
What causes a 525 SSL Handshake Failed error?
Origin server SSL certificate is invalid or expired. Origin doesn't support SSL/TLS on specified port. SSL/TLS version mismatch (origin uses outdated TLS). Cipher suite incompatibility. Origin certificate is self-signed (with Full Strict mode). Origin SSL configuration errors. Cloudflare SSL mode set to Full/Full Strict but origin uses HTTP.