I have free Universal SSL with CloudFlare. I wanted to set up a permanent SSL redirect on my website.
I change A-name to IP my droplet on digitalocean and when i try to use https-protocol i get error: 521 (ssl handshake filed) and loop

I think, that is necessary to change standart settings in configuration apache2, but what to change and where?

Previously, I used shared hosting by godaddy and never encountered this problem. Please help me!

2 comments

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
6 answers

i have the same issue, please tell us how you solved this :(

I have the same issue as well. I have 2 servers with DO. With two sites on each that all have CloudFlare DNS/SSL. Today I updated one of the server, and both domains on this one started to get 525 ssl handshake failed. The two domains on the other “non-updated” server still worked fine.
Can’t fix it. I had to deactivate SSL for now. Any help welcome.

I had the same issue, I noticed that my SSL was on “Full”, but my server doesn’t support SSL, so I changed it to Flexible (e.g. USER <SSL> CF <PLAIN> SERVER)

If you require FULL SSL, you should make sure that your SSL works even without CF through https://www.ssllabs.com/ssltest/

problem solved! Change SSL = full to Flexible

Just adding a new answer here: when you by pass the https request on the node balancer, add the origin certificate to the load balancer, and make sure it’s selected. That way, you can still use strict CF connections.

Hope this helps.

Submit an Answer