SSL 收到一条超过最大允许长度的记录(错误代码: SSL_Error_rx_record_too_long)

我关注了位于这里的 https 设置的官方文档: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/httpd.html#https-configuration

我不得不移除 +CompatEnvVars

SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

因为它说这是一个无效的命令或东西。因此,删除了这一点,并按照指示的钉子,它得到了错误:

SSL received a record that exceeded the maximum permissible length.


(Error code: ssl_error_rx_record_too_long)

我是 SSL 的新手,有什么建议吗?

375390 次浏览
小开
最佳答案

I've just experienced this issue. For me it appeared when some erroneous code was trying to redirect to HTTPS on port 80.

e.g.

https://example.com:80/some/page

by removing the port 80 from the url, the redirect works.

HTTPS by default runs over port 443.

小开

I had that same error. I forgot to create a link from sites-enabled/000-default-ssl to the sites-available/default-ssl file.

> ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl
小开

I used 

a2ensite default-ssl

and it worked like a charm.

If you want to force e.g. phpmyadmin to use SSL/https you will run into this problem if this link is missing.

小开

In my case I accidentally used SSL in the Virtualhost configuration for port 80, instead of 443.

小开

In my case, an Ubuntu system, in ports.conf I had

NameVirtualHost *:80
NameVirtualHost 192.168.1.79
Listen 80

And then, inside , I had

NameVirtualHost *:443
Listen 443

All I had to do was remove the line NameVirtualHost 192.168.1.79. Restarted apache and problem solved.

小开

This error also occurs when you have enabled the SSL module (i.e. you have run e.g. a2enmod ssl) but not yet enabled any SSL site entries (i.e you have not run e.g. a2ensite default-ssl).

小开

My case is related to Greg B's -- Visual Studio creates two sites when SSL is enabled -- one for secure, and one for normal http requests. However Visual Studio chooses two ports at random, and depending on how you start the debugger you might be pointing towards the wrong page for the request type. Especially if you edit the URL but don't change the port number.

Seeing these posts jogged my memory.

I know this isn't APACHE related, but it is definitely a page that people with that error will find..

小开

In my case I copied a ssl config from another machine and had the wrong IP in <VirtualHost wrong.ip.addr.here:443>. Changed IP to what it should be, restarted httpd and the site loaded over SSL as expected.

小开

In my case, I needed to install mod_ssl first

yum install mod_ssl
小开

This seems to be the result you see from Firefox when the server is not configured properly for SSL. Chrome, BTW, just gave a generic "ssl failed" code.

What happens is that the browser sends a SSL handshake when the server is expecting an HTTP request. Server responds with a 400 code and an error message that is much bigger that the handshake message that the browser expects. Hence the FF message.

As we can see from the responses here there are many things that can break the SSL configuration but not stop the server starting or give any hints in error.log.

What I did was systematically check down all the answers until I finally found the right one, right at the bottom.

Here is what I had in the access logs:

rfulton.actrix.co.nz:80 192.168.1.3 - - [09/Oct/2016:13:39:32 +1300] "\x16\x03\x01" 400 0 "-" "-"
rfulton.actrix.co.nz:80 192.168.1.3 - - [09/Oct/2016:13:39:46 +1300] "\x16\x03\x01" 400 0 "-" "-"
rfulton.actrix.co.nz:80 192.168.1.3 - - [09/Oct/2016:13:49:13 +1300] "\x16\x03\x01" 400 0 "-" "-"
小开

I got the same error after enabling TLSv1.2 in webmin. Right after I enabled TLSv1.2 by accident thinking it was SSLv2, I was not able to log in from https://myipaddress:10000 like I did before. I found this link http://smallbusiness.chron.com/disable-ssl-webmin-miniserv-60053.html and it helped me because I was able to access webmin config file and I was able TLSv1.2

小开

I got this error when I was trying to access a url using curl:

curl 'https://example.com:80/some/page'

The solution was to change https to http

curl 'http://example.com:80/some/page'
小开

If you are upgrading from an older version of apache2, make sure your apache sites-available conf files end in .conf and are enabled with a2ensite

小开

Below Solution worked for me :

Type About:Config in the Address Bar and press Enter.

“This Might void your warranty!” warning will be displayed, click on I’ll be careful, I Promise button.

Type security.ssl.enable_ocsp_stapling in search box.

The value field is true, double click on it to make it false.

Now try to connect your website again.

小开

Finally find out the problem:
the port 443 was listening on HTTP instead of HTTPS, changed to HTTPS solved my issue.

小开

On My side, Error if nginx.conf like

server {
listen 443;
}

curl: (35) SSL received a record that exceeded the maximum permissible length.

Solution:

server {
listen 443 ssl;
}

It's working fine after adding ssl after 443


提交答案