I've got a customer trying to access one of my sites, and they keep getting this error > ssl_error_rx_record_too_long
They're getting this error on all browsers, all platforms. I can't reproduce the problem at all.
My server and myself are located in the USA, the customer is located in India.
I googled on the problem, and the main source seems to be that the SSL port is speaking in HTTP. I checked my server, and this is not happening. I tried the solution mentioned here, but the customer has stated it did not fix the issue.
Can anyone tell me how I can fix this, or how I can reproduce this???
THE SOLUTION
Turns out the customer had a misconfigured local proxy!
Hope that helps anyone finding this question trying to debug it in the future.
This question is related to
apache
configuration
ssl
webserver
mod-ssl
In my case the problem was that https was unable to start correctly because Listen 443 was in "IfDefine SSL" derective, but my apache didnt start with -DSSL option. The fix was to change my apachectl script in:
$HTTPD -k $ARGV
to:
$HTTPD -k $ARGV -DSSL
Hope that helps somebody.
You might also try fixing the hosts file.
Keep the vhost file with the fully qualified domain and add the hostname in the hosts file /etc/hosts (debian)
ip.ip.ip.ip name name.domain.com
After restarting apache2, the error should be gone.
Old question, but first result in Google for me, so here's what I had to do.
Ubuntu 12.04 Desktop with Apache installed
All the configuration and mod_ssl was installed when I installed Apache, but it just wasn't linked in the right spots yet. Note: all paths below are relative to /etc/apache2/
mod_ssl
is stored in ./mods-available
, and the SSL site configuration is in ./sites-available
, you just have to link these to their correct places in ./mods-enabled
and ./sites-enabled
cd /etc/apache2
cd ./mods-enabled
sudo ln -s ../mods-available/ssl.* ./
cd ../sites-enabled
sudo ln -s ../sites-available/default-ssl ./
Restart Apache and it should work. I was trying to access https://localhost, so your results may vary for external access, but this worked for me.
If you have the error after setup a new https vhost and the config seems to be right, remember to link in sites-enabled
too.
In my case I had forgot to set SSLEngine On
in the configuration. Like so,
<VirtualHost _default_:443>
SSLEngine On
...
</VirtualHost>
Please see this link.
I looked in all my apache log files until I found the actual error (I had changed the <VirtualHost>
from _default_
to my fqdn
). When I fixed this error, everything worked fine.
Ask the user for the exact URL they're using in their browser. If they're entering https://your.site:80, they may receive the ssl_error_rx_record_too_long error.
For me the solution was that my ddclient was not cronning properly...
I had a messed up virtual host config. Remember you need one virtual host without SSL for port 80, and another one with SSL for port 443. You cannot have both in one virtual host, as the webmin-generated config tried to do.
In my case I had to change the <VirtualHost *> back to <VirtualHost *:80> (which is the default on Ubuntu). Otherwise, the port 443 wasn't using SSL and was sending plain HTML back to the browser.
You can check whether this is your case quite easily: just connect to your server http://www.example.com:443. If you see plain HTML, your Apache is not using SSL on port 443 at all, most probably due to a VirtualHost misconfiguration.
Cheers!
I had the same problem in some browser to access to my SSL site. I have found that I had to give to fireFox the right proxy (FireFox was accessing directly to internet).
Depending of the lan configuration (Tunneling, filtering, proxy redirection), the "direct access to internet" mode for FireFox throws this error.
In my case the problem was that https was unable to start correctly because Listen 443 was in "IfDefine SSL" derective, but my apache didnt start with -DSSL option. The fix was to change my apachectl script in:
$HTTPD -k $ARGV
to:
$HTTPD -k $ARGV -DSSL
Hope that helps somebody.
In my case, I had the wrong IP Address in the virtual host file. The listen was 443, and the stanza was <VirtualHost 192.168.0.1:443>
but the server did not have the 192.168.0.1 address!
My problem was due to a LOW MTU over a VPN connection.
netsh interface ipv4 show inter
Idx Met MTU State Name
--- --- ----- ----------- -------------------
1 4275 4294967295 connected Loopback Pseudo-Interface 1
10 4250 **1300** connected Wireless Network Connection
31 25 1400 connected Remote Access to XYZ Network
Fix: netsh interface ipv4 set interface "Wireless Network Connection" mtu=1400
It may be an issue over a non-VPN connection also...
The solution for me was that default-ssl
was not enabled in apache 2.... just putting SSLEngine On
I had to execute a2ensite default-ssl
and everything worked.
Source: Stackoverflow.com