Advertisement
Advertisement


SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)


Question

I followed the official docs on https setup located here: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/httpd.html#https-configuration

I had to remove the +CompatEnvVars from

SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

because it said it was an invalid command or something. So having removed that and following the instructions to the nail it get the error:

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

I'm new to SSL, any advice on what's going wrong?

2010/03/29
1
71
3/29/2010 2:38:04 PM

Accepted Answer

I've just experienced this issue. For me it appeared when some erroneous code was trying to redirect to HTTPS on port 80.

e.g.

https://example.com:80/some/page

by removing the port 80 from the url, the redirect works.

HTTPS by default runs over port 443.

2012/05/02
70
5/2/2012 10:25:06 PM

I used

a2ensite default-ssl

and it worked like a charm.

If you want to force e.g. phpmyadmin to use SSL/https you will run into this problem if this link is missing.

2012/08/06

I had that same error. I forgot to create a link from sites-enabled/000-default-ssl to the sites-available/default-ssl file.

> ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl 
2012/05/02

This seems to be the result you see from Firefox when the server is not configured properly for SSL. Chrome, BTW, just gave a generic "ssl failed" code.

What happens is that the browser sends a SSL handshake when the server is expecting an HTTP request. Server responds with a 400 code and an error message that is much bigger that the handshake message that the browser expects. Hence the FF message.

As we can see from the responses here there are many things that can break the SSL configuration but not stop the server starting or give any hints in error.log.

What I did was systematically check down all the answers until I finally found the right one, right at the bottom.

Here is what I had in the access logs:

rfulton.actrix.co.nz:80 192.168.1.3 - - [09/Oct/2016:13:39:32 +1300] "\x16\x03\x01" 400 0 "-" "-"
rfulton.actrix.co.nz:80 192.168.1.3 - - [09/Oct/2016:13:39:46 +1300] "\x16\x03\x01" 400 0 "-" "-"
rfulton.actrix.co.nz:80 192.168.1.3 - - [09/Oct/2016:13:49:13 +1300] "\x16\x03\x01" 400 0 "-" "-"
2016/10/09

This error also occurs when you have enabled the SSL module (i.e. you have run e.g. a2enmod ssl) but not yet enabled any SSL site entries (i.e you have not run e.g. a2ensite default-ssl).

2019/10/29

In my case I copied a ssl config from another machine and had the wrong IP in <VirtualHost wrong.ip.addr.here:443>. Changed IP to what it should be, restarted httpd and the site loaded over SSL as expected.

2016/02/15

Source: https://stackoverflow.com/questions/2538723
Licensed under: CC-BY-SA with attribution
Not affiliated with: Stack Overflow
Email: [email protected]