[solved] SSL_ERROR_RX_RECORD_TOO_LONG on apache

omeko · August 15, 2019, 9:16am

I had a redirect at the top of my apache 2 httpd-ssl.conf and I got the SSL_ERROR_RX_RECORD_TOO_LONG error.
Turns out you must have an entry that activates the SSLEngine first.

So instead of:

<VirtualHost _default_:443>
        ServerName www.servername.com
        Redirect / https://servernname.com/
</VirtualHost>
<VirtualHost _default_:443>
        DocumentRoot /home/servername/webstuff
        ServerName servername.com
        SSLEngine on
        [.....]
</VirtualHost>

the top of your file should have the entries reversed like:

<VirtualHost _default_:443>
        DocumentRoot /home/servername/webstuff
        ServerName servername.com
        SSLEngine on
       [.....]
</VirtualHost>
<VirtualHost _default_:443>
        ServerName www.servername.com
        Redirect / https://servername.com/
</VirtualHost>

There’s usually a dummy-entry for /usr/local/apache/htdocs on top that turns the SSL Engine on, but I had that deleted…

Hope this helps - there’s tons of sh*t on the web concerning this error.

JuergenAuer · August 15, 2019, 9:36am

Hi @omeko

that error means: Your https doesn't work. Instead, your server sends http content over a https connection.

That's

wrong. Two default hosts can't work. Remove one.

And your redirect may produce a loop https + non-www -> https + non-www.

omeko · August 15, 2019, 9:40am

Please reread the topicsubject. And maybe the contents as well.
This contribution is just for reference.

But kudos anyway for trying to help.

PS: I just noticed in the footer that you run check-your-website.server-daten.de. Awesome service; took a bit of vi-ing, but I got A’s for all my domains.

system · September 14, 2019, 9:40am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.