The error “SSL_ERROR_RX_RECORD_TOO_LONG” usually is a wrong configuration on the server-side.
This usually means the implementation of SSL on an external server is not correct.
The error is usually caused by a server-side problem which the server administrator will need to investigate.
When the client is trying to connect to this server, we will get an ssl_error_rx_record_too_long error because the SSL stack is trying to interpret a HTTP response as SSL/TLS data.
Errors related to ssl_error_rx_record_too_long
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
curl: (35) SSL received a record that exceeded the maximum permissible length.
How to troubleshoot ssl_error_rx_record_too_long
we recommend trying to check below.
- Try use HTTP protocol to access the web
- The external server needs to have a proper client key, cert, and ca.
- Ensure that port 443 is open and enabled on our server. This is the standard port for HTTPS communications.
- If SSL is using a non-standard port then Firefox 3 can sometimes give this error. Ensure SSL is running on port 443.
Fix ssl_error_rx_record_too_long on Apache
If using Apache2 check that we are using port 443 for SSL. This can be done by setting the ports.conf file as follows
- Listen 80
- Listen 443 https
Make sure we do not have more than one SSL certificate sharing the same IP. Please ensure that all SSL certificates utilise their own dedicated IP.
If using Apache2 check our vhost config. Some users have reported changing <VirtualHost> to _default_ resolved the error.
Fix ssl_error_rx_record_too_long on Nginx
we can change the configuration as below.
Change
listen 443;
to
listen 443 ssl;
and get rid of this line
ssl on;
Capture SSL process with openssl s_client command
In case we wanted to troubleshoot the SSL parts, we can use this command to capture the entire SSL process .
openssl s_client -connect www.example.com:443