CloudFlare "SSL: Flexible" HTTPS not working on custom ports

2
votes

I have my domain on CloudFlare pointing at DigitalOcean Droplet's IP Address. While trying to access website through domain on CloudFlare using custom ports I get: error 525 SSL handshake failed. My CloudFlare Crypto SSL is set to: Flexible (...as I understand - no SSL is required on DigitalOcean droplet).

Example addresses:

Through DigitalOcean IPv4 (no SSL installed on server)

http://46.101.xxx.xxx/ - 100% working

https://46.101.xxx.xxx/ - 0% not working at all (server set up for :80)

http://46.101.xxx.xxx:2053/api - 100% working

http://46.101.xxx.xxx:2083/ - 100% working

Through CloudFlare:

https://example.com/ - 100% working

https://example.com:2053/api - 50% error from CloudFlare: 525 SSL handshake failed

https://example.com:2083/ - 50% error from CloudFlare: 525 SSL handshake failed

I configured my servers to use ports reserved for https connections: https://support.cloudflare.com/hc/en-us/articles/200169156-Which-ports-will-Cloudflare-work-with-

When I set up main server to use port :443 instead of :80 it obviously doesn't work since I don't have SSL on the server.

How should be the https://example.com:2053/api configured to work with CloudFlare?

1
node.jssslhttpsdigital-oceancloudflare

1 Answers

6
votes

From the description of Flexible SSL1:

Flexible SSL: secure connection between your visitor and CloudFlare, but no secure connection between CloudFlare and your web server...This setting will only work for port 443->80, not for the other ports we support like 2053

In other words: what you want is not possible with Flexible SSL.

1 Using an archived version of the page reflecting the time when the answer was written. The original page has changed in the mean time.