ssl error rx record too long and Apache SSL

Question

I ve got a customer trying to access one of my sites  and they keep getting this error   ssl error rx record too long  They re getting this error on all browsers  all platforms  I can t reproduce the problem at all   My server and myself are located in the USA  the customer is located in India   I googled on the problem  and the main source seems to be that the SSL port is speaking in HTTP  I checked my server  and this is not happening  I tried the solution mentioned here  but the customer has stated it did not fix the issue   Can anyone tell me how I can fix this  or how I can reproduce this     THE SOLUTION  Turns out the customer had a misconfigured local proxy   Hope that helps anyone finding this question trying to debug it in the future

User · Answer

In my case the problem was that https was unable to start correctly because Listen 443 was in "IfDefine SSL" derective, but my apache didnt start with -DSSL option. The fix was to change my apachectl script in:

$HTTPD -k $ARGV

to:

$HTTPD -k $ARGV -DSSL

Hope that helps somebody.

User · Answer

The solution for me was that default-ssl was not enabled in apache 2     just putting SSLEngine On  I had to execute a2ensite default-ssl and everything worked

User · Answer

Please see this link   I looked in all my apache log files until I found the actual error  I had changed the  lt VirtualHost gt  from  default  to my fqdn   When I fixed this error  everything worked fine

User · Answer

In my case  I had the wrong IP Address in the virtual host file  The listen was 443  and the stanza was  lt VirtualHost 192 168 0 1 443 gt  but the server did not have the 192 168 0 1 address

User · Answer

I had a messed up virtual host config  Remember you need one virtual host without SSL for port 80  and another one with SSL for port 443  You cannot have both in one virtual host  as the webmin-generated config tried to do

User · Answer

I had the same problem in some browser to access to my SSL site  I  have found that I had to give to fireFox the right proxy  FireFox was accessing directly to internet    Depending of the lan configuration  Tunneling  filtering  proxy redirection   the  direct access to internet  mode for FireFox throws this error

User · Answer

In my case I had forgot to set SSLEngine On in the configuration  Like so    lt VirtualHost  default  443 gt    SSLEngine On        lt  VirtualHost gt    http   httpd apache org docs 2 2 mod mod ssl html sslengine

User · Answer

Ask the user for the exact URL they re using in their browser  If they re entering https   your site 80  they may receive the ssl error rx record too long error

User · Answer

You might also try fixing the hosts file   Keep the vhost file with the fully qualified domain and add the hostname in the hosts file  etc hosts  debian   ip ip ip ip name name domain com   After restarting apache2  the error should be gone

User · Answer

If you have the error after setup a new https vhost and the config seems to be right  remember to link in sites-enabled too

User · Answer

Old question  but first result in Google for me  so here s what I had to do   Ubuntu 12 04 Desktop with Apache installed  All the configuration and mod ssl was installed when I installed Apache  but it just wasn t linked in the right spots yet  Note  all paths below are relative to  etc apache2   mod ssl is stored in   mods-available  and the SSL site configuration is in   sites-available  you just have to link these to their correct places in   mods-enabled and   sites-enabled  cd  etc apache2 cd   mods-enabled sudo ln -s    mods-available ssl      cd    sites-enabled sudo ln -s    sites-available default-ssl      Restart Apache and it should work  I was trying to access https   localhost  so your results may vary for external access  but this worked for me

User · Answer

In my case the problem was that https was unable to start correctly because Listen 443 was in "IfDefine SSL" derective, but my apache didnt start with -DSSL option. The fix was to change my apachectl script in:

$HTTPD -k $ARGV

to:

$HTTPD -k $ARGV -DSSL

Hope that helps somebody.

User · Answer

The link mentioned by Subimage was right on the money for me   It suggested changing the virtual host tag  ie  from  lt VirtualHost myserver example com 443 gt  to  lt VirtualHost  default  443 gt      Error code  ssl error rx record too long      This usually means the implementation of SSL on your server is not correct  The error is usually caused by a server side problem which the server administrator will need to investigate       Below are some things we recommend trying          Ensure that port 443 is open and enabled on your server  This is the standard port for https communications    If SSL is using a non-standard port then FireFox 3 can sometimes give this error  Ensure SSL is running on port 443    If using Apache2 check that you are using port 443 for SSL  This can be done by setting the ports conf file as follows  Listen 80 Listen 443 https    Make sure you do not have more than one SSL certificate sharing the same IP  Please ensure that all SSL certificates utilise their own dedicated IP    If using Apache2 check your vhost config  Some users have reported changing  lt VirtualHost gt  to  default  resolved the error       That fixed my problem   It s rare that I google an error message and get the first hit with the right answer    -   In addition to the above  these are some other solutions that other folks have found were causing the issue    Make sure that your SSL certificate is not expired Try to specify the Cipher   SSLCipherSuite ALL  aNULL  ADH  eNULL  LOW  EXP RC4 RSA  HIGH  MEDIUM  SSLv3

User · Answer

My problem was due to a LOW MTU over a VPN connection   netsh interface ipv4 show inter  Idx  Met   MTU   State        Name ---  ---  -----  -----------  -------------------   1 4275 4294967295  connected    Loopback Pseudo-Interface 1  10 4250     1300    connected    Wireless Network Connection  31   25   1400  connected    Remote Access to XYZ Network   Fix  netsh interface ipv4 set interface  Wireless Network Connection  mtu 1400  It may be an issue over a non-VPN connection also

User · Answer

In my case I had to change the  lt VirtualHost   gt  back to  lt VirtualHost   80 gt   which is the default on Ubuntu   Otherwise  the port 443 wasn t using SSL and was sending plain HTML back to the browser   You can check whether this is your case quite easily  just connect to your server http   www example com 443  If you see plain HTML  your Apache is not using SSL on port 443 at all  most probably due to a VirtualHost misconfiguration   Cheers

User · Answer

For me the solution was that my ddclient was not cronning properly

[apache] ssl_error_rx_record_too_long and Apache SSL

Examples related to apache

Examples related to configuration

Examples related to ssl

Examples related to webserver

Examples related to mod-ssl