TLS version mismatch between CloudFlare and origin causes 520 errors

critical

configurationUpdated Feb 2, 2026(via Exa)

Sources

JS Bin down in 2026remysharp.com

Technologies:

Expresssubject

CloudflareSymptoms of this issue are visible in Cloudflare metrics and logs

NGINXThe root cause of this issue originates in NGINX

How to detect:

When nginx only supports TLS 1.0-1.2 but CloudFlare Edge attempts TLS 1.3 negotiation, HTTPS requests fail with CloudFlare error 520 while HTTP requests succeed

Recommended action:

Either upgrade nginx to support TLS 1.3, or disable TLS 1.3 in CloudFlare's SSL/TLS > Edge Certificates settings. Verify TLS support with 'nginx -t' after config changes