In case anyone else is using nginx and cloudflare: The documentation for ssl options on your origin server that cloudflare provides [1] indicate that you should use
ssl_prefer_server_ciphers on; I found that setting this option caused a SSL_do_handshake() failed (SSL: error:????????:SSL routines::bad cipher) while SSL handshaking error, at least after upgrading to trixie. This manifests as a generic 525 error on the browser. It's not clear to me what the implications of setting this to "off" are (the default for trixie). Best, Antonio [1] https://developers.cloudflare.com/ssl/origin-configuration/cipher-suites/
