Is this happening randomly from the same browser for the same user?
It looks like we can’t fulfill #5 here: Community Tip - Fixing Error 525: SSL handshake failed - Tutorial - Cloudflare Community
(I know this was pointed out before)
Our ciphers are more limited than Cloudflare’s. This is because we’re using a different TLS library that only supports TLSv1.2 and TLSv1.3 with modern ciphers. Even with a shorter list of ciphers, we still support the vast majority of clients. Clients that don’t support any of these are considered insecure.