Hello,
I have a problem when I create a subdomain, I don’t have problems creating subdomains like:
Then I create the certificate without problems, but if I install some service, such as xmpp, that uses the ports:
Ports:5222/TCP (Client to server), 5269/TCP (Server to server), 5223/TCP (SSL)
If I try to gain access:
https://subdominio.dominio.com:5222
The browser returns the error:
SSL_ERROR_RX_RECORD_TOO_LONG
I don’t know if I have the problem in the configuration of nginx or in Let’s Encrypt.
Hi @bichomen
please share your domain name.
That error
says: There is http content, not https.
So
http://subdominio.dominio.com:5222
should send a correct http answer.
This problem must be either a firewall (including port forwarding or blocking) or a problem with the configuration of the service listening on that port. As @JuergenAuer pointed out, the SSL_ERROR_RX_RECORD_TOO_LONG is basically always a case of trying to access an HTTP service via HTTPS (so the service has been misconfigured without TLS), while ERR_CONNECTION_TIMED_OUT is most often a firewall-related problem.
Ok, I know this.
So the problem is in the web server configuration?
Don’t I have to create a certificate for https://subdomain.domain.com:5222? If I have a certificate for https://subdomain.domain.com even if I redirect to http://subdomain.domain.com:5222, will it work?
No, certificates are for DNS labels, not for URLs--the port is irrelevant, as is the protocol (the same cert can be used for HTTPS, LDAPS, IMAPS, etc.). As long as the name matches and the CA is trusted, the cert is fine.
Correct.
Thanks, now I know what to focus on
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.