I am using Cloudflare for DNS, and some customers get a 525 SSL error. If they refresh a few times though, it goes away. Is this because there isn’t an SLA on my current plan? And if so, what is the lowest tier I could get so that I have maintained uptime and no 525 errors from Cloudflare?
Digging into this a bit and you don’t need to upgrade your account level: we offer free SSL certificates provided by Let’s Encrypt for all sites. It does look like you’ve brought your own custom certificate, though, but that should also be fine once we sort out the next part.
One problem here is that your DNS is misconfigured. One way you can tell is by checking host:
$ host wholesale.compyle.io
wholesale.compyle.io has address 188.8.131.52 <--- Cloudflare
wholesale.compyle.io has address 184.108.40.206 <---- Netlify
wholesale.compyle.io has address 220.127.116.11 <---- Netlify
This is probably why the SSL handshake is failing half the time: your domain name is pointing to two different servers. Your account is also configured to use Netlify DNS, but you mentioned that you’d like to stick with Cloudflare for DNS hosting, which is absolutely fine and something we support. To fix these issues, you’ll want to review these instructions for configuring external DNS for Netlify-hosted sites:
Once your DNS records are set up at Cloudflare to point to the correct Netlify sites, you will want to delete the DNS zone on the Netlify side for compyle.io (since your DNS records will live at Cloudflare and point to Netlify from there). You’ll do that here, at the bottom where you see the “Delete DNS Zone” button: https://app.netlify.com/teams/andrew-duca/dns/compyle.io
Please let us know if you have follow-up questions along the way!
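An added example, not part of the original reply and not Netlify's or Cloudflare's tooling: it takes the `host` check above one step further by completing a TLS handshake against each resolved address separately (sending the hostname as SNI), so you can see which address fails or serves a different certificate. The function names and the sample addresses in the test data are assumptions made for this sketch.

```python
import hashlib
import socket
import ssl
import sys


def resolve_a(hostname):
    """Return the sorted set of IPv4 addresses the name currently resolves to."""
    infos = socket.getaddrinfo(hostname, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def probe(ip, hostname, timeout=5.0):
    """Handshake with one specific address; return ("ok", cert sha256) or ("error", reason)."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    try:
        with socket.create_connection((ip, 443), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                der = tls.getpeercert(binary_form=True)
                return ("ok", hashlib.sha256(der).hexdigest())
    except (ssl.SSLError, OSError) as exc:
        return ("error", f"{type(exc).__name__}: {exc}")


def summarize(results):
    """Split {ip: (status, detail)} into failing IPs and {fingerprint: [ips]} groups."""
    failing = sorted(ip for ip, (status, _) in results.items() if status != "ok")
    groups = {}
    for ip, (status, detail) in sorted(results.items()):
        if status == "ok":
            groups.setdefault(detail, []).append(ip)
    return failing, groups


def is_consistent(results):
    """True only if every address completed the handshake with the same certificate."""
    failing, groups = summarize(results)
    return not failing and len(groups) <= 1


if __name__ == "__main__":
    host = sys.argv[1]  # e.g. the hostname you passed to `host`
    results = {ip: probe(ip, host) for ip in resolve_a(host)}
    failing, groups = summarize(results)
    for ip in failing:
        print(f"FAIL {ip}: {results[ip][1]}")
    for fingerprint, ips in groups.items():
        print(f"cert {fingerprint[:16]}... served by {', '.join(ips)}")
    print("consistent" if is_consistent(results) else "inconsistent: review DNS records")
```

Different certificates across addresses are a hint rather than proof of a problem, since a single provider may serve more than one valid certificate; a failing address or a mix of providers is what to chase in the DNS records.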