Firefox HTTPS error ssl_error_rx_record_too

March 2009
M	T	W	T	F	S	S
	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Firefox HTTPS error ssl_error_rx_record_too_long

Posted by pcfinch on March 11, 2009

I just had an interesting problem when accessing a HTTPS (SSL) service in Firefox. I got the following error message.

SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)

It turned out the the HTTPS service (on port 443) was not actually a HTTPS service and it was configured as a normal HTTP service. The initial connection from the browser was communicating in HTTPS, and expecting a security certificate, but instead it was getting back the normal HTTP “Bad Request” HTML. A confusing error message, but an easy problem to fix.

This entry was posted on March 11, 2009 at 2:58 am and is filed under Web. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

23 Responses to “Firefox HTTPS error ssl_error_rx_record_too_long”

Leonardo Borges said

July 2, 2009 at 8:50 am
Hi Peter!

What was your fix to this problem?

I’m having the same issue but haven’t found a way to fix it.

Tks

Reply
- pcfinch said
  
  July 27, 2009 at 10:54 am
  I changed the server so that it had a HTTPS server (SSL) on port 443 instead of a normal service.
  
  Reply
  - peatuhacs said
    
    February 11, 2012 at 9:51 am
    oh god, i really don’t know these things, how do you change the server?
dwight said

October 15, 2009 at 1:40 am
I hit this on my debian installation. If you look in /etc/apache2/sites-available and sites-enabled/, make sure that if there is a “default-ssl” in the ‘available’ directory, that it’s also linked in the ‘enabled’ directory. Until I did this, I was getting the error.

basically, apache is listening on port 443, but doesn’t know that it’s supposed to be using SSL on that port, until you configure it to do so.

Reply
- Brian said
  
  July 12, 2011 at 10:42 pm
  I was trying to figure this out all day and I finally got it resolved because of your post. THANK YOU!
  
  Reply
  - peatuhacs said
    
    February 11, 2012 at 9:52 am
    sorry how do you actually configure it?
  - Fred said
    
    December 3, 2012 at 10:58 pm
    Website needs to be both enabled AND available.
    For this, you need to create a symbolic link into the sites-enabled folder and restart apache:
    
    cd /etc/apache2/sites-enabled
    ln -s ../sites-available/default-ssl default-ssl
    /etc/init.d/apache2 reload
khusyal singh said

December 9, 2009 at 9:30 am
create ssl certificate for apache on ubuntu 8.04 :
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

cd /etc/apache2/sites-available
cp default ssl

edit ssl, add
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem

enable site,
a2ensite ssl
you also need to change in ssl …

VirtualHost *:80
to…
VirtualHost *:443

then restart/reload apache

(khusyal singh
from india)

Reply
aniket said

February 8, 2010 at 2:19 pm
i hav a problem during opening sute orkut and facebook it tells me that permitted length exceeds, i dnt knw how to cure it please give me some suggestions…

Reply
- S said
  
  June 8, 2011 at 6:40 am
  for facebook, just remove the s from the url (http:// instead of https://)
  
  Reply
  - Ashok said
    
    January 9, 2012 at 4:21 am
    Lovely buddy. Works great !
david said

September 17, 2010 at 4:19 pm
This issue is about openssl 0.98e, I had same problem after upgrading openssl 0.97 to 0.98

Reply
pain said

April 8, 2011 at 4:27 am
still cant resolve my problem. hope i can find step by step tutorial about this

Reply
saxi said

May 20, 2011 at 6:13 pm
i have own problem only with facebook i can not open this site and i don`t know why??? i want help 😀 thank u!!!

Reply
- peatuhacs said
  
  February 11, 2012 at 9:47 am
  me too budd, have u got any help yet and is your facebook working now?
  
  Reply
Tiago said

June 8, 2011 at 11:55 am
redirecionamento de portas no firewall estavam causando isto..

Reply
Tiago said

June 8, 2011 at 11:56 am
sorry, in english, port rdr is the cause for my problem –> client side.

Reply
shaglandChris said

August 8, 2011 at 11:04 pm
Wondering how to do this on a shared server

Reply
Steve said

November 29, 2011 at 1:10 am
I started getting this from socialfixer (Facebook app) today on Firefox but not on iron. I always use https on Facebook. I haven’t done anything to change port 443 to my knowledge. I’ll ask the socialfixer guy if he knows why it’s happening.

Reply
James said

July 3, 2012 at 10:02 am
I had the same issue, but the debian fix as above worked for me.

Thanks

Reply
Aaron said

July 17, 2012 at 9:58 am
Guys, I had this issue running only Tomcat as the servlet engine. I have found the cause of the issue to be format of the SSL connector in the server.xml file. When I pasted in the connector string from my own notes it was failing despite no word wrap on the source notepad string. After finding no useful answers on google anywhere I decided to modify the existing connector in the original server.xml to add the key store and trust store manually and it resolved the issue.

Reply
jon said

February 2, 2013 at 10:09 am
cant access yahoo.com, google.com. any time i try to log on it says An error occurred during a connection to http://www.google.com.gh.

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long). how do i correct it. using windows 7, mozilla firefox

Reply
niston said

February 26, 2013 at 10:00 pm
I have seen this error on several machines and was able to successfully fix it by disabling TLS 1.0 (In Firefox go to Options -> Advanced -> Encryption). I still wonder what might cause it, though. The error occured with different sites (not necessarily consistent across machines), even with some embedded servers in network devices. Still would like to find out the root cause of it.

Reply