Causes
Usually caused by a configuration issue on the origin web server, when these two conditions are true :
- The SSL handshake fails between Cloudflare and the origin web server
- Full or Full (Strict) SSL is set in the Overview tab of your Cloudflare SSL/TLS app.
Fixes
Step 1: Contact NET Support
Contact NET to exclude the following common causes at your origin web server:
- No valid SSL certificate installed
- Port 443 (or other custom secure port) is not open
- No SNI support
- The cipher suites accepted by Cloudflare does not match the cipher suites supported by the origin web server
Step 2: Review Origin Web Server Error Logs
If occur intermittently, review the origin web server error logs to determine the cause. Configure Apache to log mod_ssl errors. Also, nginx includes SSL errors in its standard error log, but may possibly require an increased log level.