Firefox HTTPS error ssl_error_rx_record_too_long
Posted by pcfinch on March 11, 2009
I just had an interesting problem when accessing a HTTPS (SSL) service in Firefox. I got the following error message.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
It turned out the the HTTPS service (on port 443) was not actually a HTTPS service and it was configured as a normal HTTP service. The initial connection from the browser was communicating in HTTPS, and expecting a security certificate, but instead it was getting back the normal HTTP “Bad Request” HTML. A confusing error message, but an easy problem to fix.
Leonardo Borges said
Hi Peter!
What was your fix to this problem?
I’m having the same issue but haven’t found a way to fix it.
Tks
pcfinch said
I changed the server so that it had a HTTPS server (SSL) on port 443 instead of a normal service.
peatuhacs said
oh god, i really don’t know these things, how do you change the server?
dwight said
I hit this on my debian installation. If you look in /etc/apache2/sites-available and sites-enabled/, make sure that if there is a “default-ssl” in the ‘available’ directory, that it’s also linked in the ‘enabled’ directory. Until I did this, I was getting the error.
basically, apache is listening on port 443, but doesn’t know that it’s supposed to be using SSL on that port, until you configure it to do so.
Brian said
I was trying to figure this out all day and I finally got it resolved because of your post. THANK YOU!
peatuhacs said
sorry how do you actually configure it?
Fred said
Website needs to be both enabled AND available.
For this, you need to create a symbolic link into the sites-enabled folder and restart apache:
cd /etc/apache2/sites-enabled
ln -s ../sites-available/default-ssl default-ssl
/etc/init.d/apache2 reload
khusyal singh said
create ssl certificate for apache on ubuntu 8.04 :
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
cd /etc/apache2/sites-available
cp default ssl
edit ssl, add
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
enable site,
a2ensite ssl
you also need to change in ssl …
VirtualHost *:80
to…
VirtualHost *:443
then restart/reload apache
(khusyal singh
from india)
aniket said
i hav a problem during opening sute orkut and facebook it tells me that permitted length exceeds, i dnt knw how to cure it please give me some suggestions…
S said
for facebook, just remove the s from the url (http:// instead of https://)
Ashok said
Lovely buddy. Works great !
david said
This issue is about openssl 0.98e, I had same problem after upgrading openssl 0.97 to 0.98
pain said
still cant resolve my problem. hope i can find step by step tutorial about this
saxi said
i have own problem only with facebook i can not open this site and i don`t know why??? i want help 😀 thank u!!!
peatuhacs said
me too budd, have u got any help yet and is your facebook working now?
Tiago said
redirecionamento de portas no firewall estavam causando isto..
Tiago said
sorry, in english, port rdr is the cause for my problem –> client side.
shaglandChris said
Wondering how to do this on a shared server
Steve said
I started getting this from socialfixer (Facebook app) today on Firefox but not on iron. I always use https on Facebook. I haven’t done anything to change port 443 to my knowledge. I’ll ask the socialfixer guy if he knows why it’s happening.
James said
I had the same issue, but the debian fix as above worked for me.
Thanks
Aaron said
Guys, I had this issue running only Tomcat as the servlet engine. I have found the cause of the issue to be format of the SSL connector in the server.xml file. When I pasted in the connector string from my own notes it was failing despite no word wrap on the source notepad string. After finding no useful answers on google anywhere I decided to modify the existing connector in the original server.xml to add the key store and trust store manually and it resolved the issue.
jon said
cant access yahoo.com, google.com. any time i try to log on it says An error occurred during a connection to http://www.google.com.gh.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long). how do i correct it. using windows 7, mozilla firefox
niston said
I have seen this error on several machines and was able to successfully fix it by disabling TLS 1.0 (In Firefox go to Options -> Advanced -> Encryption). I still wonder what might cause it, though. The error occured with different sites (not necessarily consistent across machines), even with some embedded servers in network devices. Still would like to find out the root cause of it.