The error “SSL_ERROR_RX_RECORD_TOO_LONG” occurs because the SSL traffic is not setup correctly in the target secure server. This error might also occur if there is a misconfigured proxy which isn’t allowing an SSL handshake on port 443 correctly.
In layman terms, it means that your browser cannot verify the secure data which is usually because an SSL certificate isn’t correctly configured. This error is widely reported more on Firefox as compared to others.
Now there will be two types of people reading this article; one will be regular users who are accessing a website and the other type will be users who are hosting servers and troubleshooting this issue at their end. We have listed solutions for both types with signifying the solutions for technical users by writing “for advanced users” in front of the heading. Take a look!
Solution 1: Entering the site with an HTTP protocol
The simplest solution for users who are accessing a specific website is using the HTTP protocol instead of HTTPS. The HTTPS protocol requires a secure handshake and also the SSL certificates. If there is a problem at the server side regarding the secure mechanism, you can still access the website using the default HTTP.
- Open your browser and type the address of the website and press Enter. Chances are that the browser will automatically set the protocol as HTTPS.
- Edit the address line and set it to HTTP.
- Now try accessing the website again and see if the error still pops up.
Solution 2: Disabling Proxy in Firefox
Majority of the users who face is this issue use Firefox as their browser. Firefox is known to cause these issues for a long time and a lot of users reported that disabling all the proxies solved the problem for them. Mind you that “auto-detect proxies on this network” is not the same as “No proxy”.
- Open Firefox, open the menu icon present on the top-right side and select “Options”.
- Navigate through the menu until you find “Network Proxy”. Click it and select the option “No proxy”.
- Save changes and restart Firefox. Now check if the problem is solved.
Solution 3: Disabling Antivirus Software
The reason why this error might occur is that of interference from Antivirus software installed on your computer. There are several options which protect your computer by also monitoring the network traffic and verifying all the certificates.
In this solution, you have to explore yourself and see if there are any settings in your antivirus which might be providing these services. For example one of these services is “HTTP scanning in AVG”. Disable all these types of protections and try connecting to the website again.
If you are unable to still fix the problem, you can disable the antivirus completely. You can check our article on How to Disable your Antivirus. Restart your computer after disabling and see if you can access the sites without any problem.
Solution 4: Disable TLS 1.3 (for advanced users)
Another workaround for this is disabling TLS 1.3 protocol using your Firefox settings. You can revert the settings if this doesn’t work for you.
- Type “about:config” in the address bar of Firefox.
- Now search for the entry “tls.version.max”. Change the value from 4 to 3.
- The value 4 stands for TLS 1.3 and 3 stands for TLS 1.2. Restart the browser and check if the problem is solved.
Solution 5: Additional Troubleshooting for Firefox Users
In addition to the above listed solutions, you can also try the following fixes for your Firefox browser. You can easily see how they are done at our website.
- Clear your cache and upgrade Firefox to the latest version available.
- Turn off all of Firefox’s add-ons.
- Refresh your browser entirely. Do note that your bookmarks may get erased at this point.
- Set the tls.version.max value to 0.
- If all the above steps don’t work for your Firefox, consider using an alternate browser such as Chrome for opening the site.
Solution 6: Changing Certificate (advanced users)
A simple workaround for this issue changing some certificate values of your server. We have included some code as a demonstration.
Here you have to change the default:443 to example.dev:443.
Solution 7: Changing nginx.conf files (for advanced users)
Another change which you can try to resolve the error is changing the nginx.conf file. This solution is specific for people who are using Nginx to run their site. The same principle applies that is we tweaking settings regarding the 443 port.
Below is a piece of code with the workaround mentioned below to help you understand.
Here you have to change listen 443; to listen 443 ssl; Furthermore, you should also remove the line “ssl on;”. Now check if the problem is solved.
Note: If you want to force e.g. phpmyadmin to use SSL/https you will run into this problem if this link is missing, you can use a2ensite default-ssl.
Solution 8: Doing additional checks (for advanced users)
In addition to above solutions, you should also make sure that the following statements hold.
- You should port 443 is open and enabled in the server. This is the standard port for https communications.
- If the SSL is using a non-standard then Firefox may prompt this error. You should ensure is running on port 443.
- If you are using Apache2, you should check that the port for SSL is 443. You can achieve this by setting the httpd.conf file as it follows:
- Make sure that the SSL certificates are not expired.
- If you are Apache2, you check your vhost config file. There are reports that changing <VirtualHost> to _default_ resolved the error.
- You should also make sure that you have only one SSL certificate on one IP. Ensure that all SSL certificates utilize their own dedicated IP.
- In Apache, check that the Listen <port> directive matches the port number in the VirtualHost directive for the website being secured, and that the SSL configuration statements (SSLEngine On, SSLCertificateFile <filename> and so on) appear in the VirtualHost directive for the website or in the SSL configuration file for the server.