Streaming live at 10am (PST)

Error 525 - SSL handshake failed


My website is showing a cloudflare 525 error.
I haven’t changed anything on cloudflare and webflow for a few weeks, and it was working fine up until a few days ago.
How can I fix this?
Here’s the screen shown for both and


1 Like


We are only able to provision SSL certificates for your domain if it is directly pointed to our servers. What probably happened is the domain was originally pointed to us and we were able to generate the SSL certificate. Then, the domain was moved to point to cloudflare. Then, some time later, when the SSL certificate we generated expired, we were no longer able to re-generate it since the domain is not pointed to us anymore.

There are a couple options to fix this. If you point your domain directly to us, we should be able to generate an ssl cert and we can directly serve your site. Alternatively if you wish to continue using cloudflare, you can set the config for them to point to instead of and make sure you select the “Flexible” option in the cloudflare config.



Hey folks, sorry about this. This was an unintended side effect of a DDOS mitigation effort. This is now and should be working for you again (let me know if not). I’m sorry for not updating you sooner, I just came across this thread.

I’m also sorry for how we handled the communication and addressing of the the issue as you described, you deserve better than that as a loyal customer. This was a tricky one for us to track down, but that’s no excuse for how we handled it. Sorry about that!

vidmate kissanime



Still the same error.
Maybe ssl certificate still needs to be replaced



So either I stop using SSL or stop using cloudflare?
How do I keep using cloudflare and keep ssl?

1 Like


@Tomer_Raz - likely if you turn off Cloudflare’s “orange cloud” (everything but DNS) and then go back to the Webflow hosting page and click “Check Status” on the domain, let’s encrypt will probably do it’s thing and your site should be back up hopefully within a few minutes.

For some deeper insight, the way that it works is that let’s encrypt has an automated system that runs on Webflow’s servers and makes a specific url available that allows their external system to validate their certs. With Cloudflare running, let’s encrypt certs are hidden and can’t update because Cloudflare replaces the certs. Let’s encrypt certs are valid for 3 months and automatically renew through this same process - so to use both, you need to turn off the orange cloud and validate that the expiration updated at least once every three months. For a longer term fix webflow needs to use let’s encrypt http validation, or they need to allow custom certs.

1 Like


Thanks, it works :slight_smile:
Turn off cloudflare orange cloud -> webflow hosting check status -> turn on cloudflare orange cloud

1 Like


Keep in mind, in 90 days when the certificate we provision expires, your site will break again. If you want to use cloudflare with the orange cloud on (meaning the traffic is routed through cloudflare, not just DNS) then you should make sure to point your site to to avoid the certificate issues.

1 Like


But if I change to, the site doesn’t work using https anymore correct?

1 Like


If you are routing your traffic through cloudflare, they are serving their own SSL certificate. You can see that currently it is a cloudflare issued SSL cert on the domain:

1 Like


Long story short, custom SSL certificates are long overdue product request going back to this forum from 2015. Especially with eComm launching out of beta this should be one of the highest priorities for product roadmap.

I can hear the resounding applause once this launches from clients and designers everywhere!