Cloudflare connection errors: What they mean and how to report them

This article covers Cloudflare SSL connection errors that may appear on Finalsite-hosted websites, including how to identify each error type and what details to include in a support ticket.

💡Quick answers

  • What causes these errors? SSL or TLS connection issues between Cloudflare and the origin server, such as an expired certificate, a failed handshake, or a browser-level security block.
  • Can this be fixed without contacting support? No. These errors require backend configuration changes. Submit a ticket to Finalsite Support with the error details shown on the page.
  • Does this mean the website content is broken? Not necessarily. Cloudflare SSL errors point to a routing or certificate issue, not a problem with site content or Composer configuration.
  • What information should be included in a support ticket? The error code or message, the Ray ID (if shown), the IP address, the date and time the error appeared, and the URL where it occurred.

In this article


What these errors look like

Cloudflare displays different error pages depending on where the SSL issue originates. Below are the most common types.

Recognize Error 526: Invalid SSL certificate

This page features Cloudflare's three-node diagnostic diagram (Browser + Cloudflare + Host). The Browser and Cloudflare nodes show green checkmarks; the Host node shows a red X.

When this appears: the Cloudflare SSL/TLS setting is set to Full (Strict), but the origin server is presenting an expired, self-signed, or mismatched certificate.

Recognize Error 525: SSL handshake failed

This page is visually identical to Error 526 in layout. It displays "Error 525: SSL handshake failed" at the top and highlights a breakdown at the origin server node.

When this appears: the cryptographic negotiation between Cloudflare's edge proxy and the origin server fails, usually because the origin server does not support the required TLS version or cipher suites.

Recognize browser-level SSL blocks

Some SSL issues occur before traffic reaches Cloudflare's proxy network. In these cases, the browser displays its own security warning rather than a Cloudflare-branded page. 

Common messages include:

  • ERR_SSL_VERSION_OR_CIPHER_MISMATCH. A gray browser screen stating the client and server do not support a common SSL protocol version or cipher suite.
  • "Your connection is not private." A standard browser-level block with warning text and an "Advanced" button.

Submit a support ticket

Submit a ticket to Finalsite Support and include as many of the following details as possible from the error page:

  • Error code or message. The specific error shown (for example, Error 526 or "Your connection is not private").
  • Ray ID. A unique identifier shown on Cloudflare error pages, used to trace the request.
  • IP address. The visitor IP address shown on the error page.
  • Date and time. When the error first appeared.
  • URL. The full page address where the error occurred.
  • Screenshot. A screenshot of the full error page, including any visible error codes or diagrams.
Was this article helpful?
4 out of 5 found this helpful

Comments

0 comments

Please Sign in to leave a comment if you don't see the comment box below.