Skip to Content

2 Ways to Fix SSL_ERROR_RX_RECORD_TOO_LONG

The error “SSL_ERROR_RX_RECORD_TOO_LONG” usually is a wrong configuration on the server-side.

This usually means the implementation of SSL on an external server is not correct.

The error is usually caused by a server-side problem which the server administrator will need to investigate.

When the client is trying to connect to this server, we will get an ssl_error_rx_record_too_long error because the SSL stack is trying to interpret a HTTP response as SSL/TLS data.

SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
curl: (35) SSL received a record that exceeded the maximum permissible length.

How to troubleshoot ssl_error_rx_record_too_long

we recommend trying to check below.

  • Try use HTTP protocol to access the web
  • The external server needs to have a proper client key, cert, and ca.
  • Ensure that port 443 is open and enabled on our server. This is the standard port for HTTPS communications.
  • If SSL is using a non-standard port then Firefox 3 can sometimes give this error. Ensure SSL is running on port 443.

Fix ssl_error_rx_record_too_long on Apache

If using Apache2 check that we are using port 443 for SSL. This can be done by setting the ports.conf file as follows

  • Listen 80
  • Listen 443 https

Make sure we do not have more than one SSL certificate sharing the same IP. Please ensure that all SSL certificates utilise their own dedicated IP.

If using Apache2 check our vhost config. Some users have reported changing <VirtualHost> to _default_ resolved the error.

Fix ssl_error_rx_record_too_long on Nginx

we can change the configuration as below.

Change

listen 443;

to

listen 443 ssl;

and get rid of this line

ssl on;

Capture SSL process with openssl s_client command

In case we wanted to troubleshoot the SSL parts, we can  use this command to capture the entire SSL process .

openssl s_client -connect www.example.com:443