Search code examples
apacheconfigurationsslwebservermod-ssl

ssl_error_rx_record_too_long and Apache SSL

I've got a customer trying to access one of my sites, and they keep getting this error > ssl_error_rx_record_too_long

They're getting this error on all browsers, all platforms. I can't reproduce the problem at all.

My server and myself are located in the USA, the customer is located in India.

I googled on the problem, and the main source seems to be that the SSL port is speaking in HTTP. I checked my server, and this is not happening. I tried the solution mentioned here, but the customer has stated it did not fix the issue.

Can anyone tell me how I can fix this, or how I can reproduce this???

THE SOLUTION

Turns out the customer had a misconfigured local proxy!

Solution

  • The link mentioned by Subimage was right on the money for me. It suggested changing the virtual host tag, ie, from <VirtualHost myserver.example.com:443> to <VirtualHost _default_:443>

    Error code: ssl_error_rx_record_too_long

    This usually means the implementation of SSL on your server is not correct. The error is usually caused by a server side problem which the server administrator will need to investigate.

    Below are some things we recommend trying.

    • Ensure that port 443 is open and enabled on your server. This is the standard port for https communications.

    • If SSL is using a non-standard port then FireFox 3 can sometimes give this error. Ensure SSL is running on port 443.

    • If using Apache2 check that you are using port 443 for SSL. This can be done by setting the ports.conf file as follows

      Listen 80
Listen 443 https

    • Make sure you do not have more than one SSL certificate sharing the same IP. Please ensure that all SSL certificates utilise their own dedicated IP.

    • If using Apache2 check your vhost config. Some users have reported changing <VirtualHost> to _default_ resolved the error.

    That fixed my problem. It's rare that I google an error message and get the first hit with the right answer! :-)

    In addition to the above, these are some other solutions that other folks have found were causing the issue:

    • Make sure that your SSL certificate is not expired

    • Try to specify the Cipher:

      SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3