In my case I had to change the <VirtualHost *> back to <VirtualHost *:80> (which is the default on Ubuntu). Otherwise, the port 443 wasn't using SSL and was sending plain HTML back to the browser.
You can check whether this is your case quite easily: just connect to your server http://www.example.com:443. If you see plain HTML, your Apache is not using SSL on port 443 at all, most probably due to a VirtualHost misconfiguration.
Old question, but first result in Google for me, so here's what I had to do.
Ubuntu 12.04 Desktop with Apache installed
All the configuration and mod_ssl was installed when I installed Apache, but it just wasn't linked in the right spots yet. Note: all paths below are relative to /etc/apache2/
mod_ssl is stored in ./mods-available, and the SSL site configuration is in ./sites-available, you just have to link these to their correct places in ./mods-enabled and ./sites-enabled
cd /etc/apache2
cd ./mods-enabled
sudo ln -s ../mods-available/ssl.* ./
cd ../sites-enabled
sudo ln -s ../sites-available/default-ssl ./
Restart Apache and it should work. I was trying to access https://localhost, so your results may vary for external access, but this worked for me.
Ask the user for the exact URL they're using in their browser. If they're entering https://your.site:80, they may receive the ssl_error_rx_record_too_long error.
就我而言,虚拟主机文件中的 IP 地址错误。 监听是 443,节是 但服务器没有 192.168.0.1 地址!
In my case, I had the wrong IP Address in the virtual host file. The listen was 443, and the stanza was <VirtualHost 192.168.0.1:443> but the server did not have the 192.168.0.1 address!
I looked in all my apache log files until I found the actual error (I had changed the <VirtualHost> from _default_ to my fqdn). When I fixed this error, everything worked fine.
I had a messed up virtual host config. Remember you need one virtual host without SSL for port 80, and another one with SSL for port 443. You cannot have both in one virtual host, as the webmin-generated config tried to do.
In my case the problem was that https was unable to start correctly because Listen 443 was in "IfDefine SSL" derective, but my apache didnt start with -DSSL option. The fix was to change my apachectl script in:
根据 LAN 配置(隧道、过滤、代理重定向),FireFox 的“直接访问互联网”模式会引发此错误。
I had the same problem in some browser to access to my SSL site. I have found that I had to give to fireFox the right proxy (FireFox was accessing directly to internet).
Depending of the lan configuration (Tunneling, filtering, proxy redirection), the "direct access to internet" mode for FireFox throws this error.
The link mentioned by Subimage was right on the money for me. It suggested changing the virtual host tag, ie, from <VirtualHost myserver.example.com:443> to <VirtualHost _default_:443>
Error code: ssl_error_rx_record_too_long
This usually means the implementation of SSL on your server is not correct. The error is usually caused by a server side problem which the server administrator will need to investigate.
Below are some things we recommend trying.
Ensure that port 443 is open and enabled on your server. This is the standard port for https communications.
If SSL is using a non-standard port then FireFox 3 can sometimes give this error. Ensure SSL is running on port 443.
If using Apache2 check that you are using port 443 for SSL. This can be done by setting the ports.conf file as follows
Listen 80
Listen 443 https
Make sure you do not have more than one SSL certificate sharing the same IP. Please ensure that all SSL certificates utilise their own dedicated IP.
If using Apache2 check your vhost config. Some users have reported changing <VirtualHost> to _default_ resolved the error.
That fixed my problem. It's rare that I google an error message and get the first hit with the right answer! :-)
In addition to the above, these are some other solutions that other folks have found were causing the issue:
Make sure that your SSL certificate is not expired
发布评论
评论(15)
对我来说,解决方案是 apache 2 中未启用
default-ssl...只需将SSLEngine On我必须执行
a2ensite default-ssl 一切正常。The solution for me was that
default-sslwas not enabled in apache 2.... just puttingSSLEngine OnI had to execute
a2ensite default-ssland everything worked.就我而言,我必须更改返回; (这是 Ubuntu 上的默认设置)。 否则,端口 443 不使用 SSL,而是将纯 HTML 发送回浏览器。
您可以很容易地检查这是否是您的情况:只需连接到您的服务器 http://www.example.com:443 。 如果您看到纯 HTML,则您的 Apache 根本没有在端口 443 上使用 SSL,很可能是由于 VirtualHost 配置错误。
干杯!
In my case I had to change the <VirtualHost *> back to <VirtualHost *:80> (which is the default on Ubuntu). Otherwise, the port 443 wasn't using SSL and was sending plain HTML back to the browser.
You can check whether this is your case quite easily: just connect to your server http://www.example.com:443. If you see plain HTML, your Apache is not using SSL on port 443 at all, most probably due to a VirtualHost misconfiguration.
Cheers!
就我而言,我忘记在配置中设置
SSLEngine On。 像这样,http://httpd.apache.org/docs/2.2/ mod/mod_ssl.html#sslengine
In my case I had forgot to set
SSLEngine Onin the configuration. Like so,http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslengine
如果您在设置新的 https 虚拟主机后遇到错误并且配置似乎正确,请记住也链接到
sites-enabled。If you have the error after setup a new https vhost and the config seems to be right, remember to link in
sites-enabledtoo.老问题,但对我来说第一个结果是谷歌,所以这就是我必须做的。
安装了 Apache 的 Ubuntu 12.04 桌面
当我安装 Apache 时,所有配置和 mod_ssl 都已安装,但它只是还没有链接到正确的位置。 注意:以下所有路径均相对于/etc/apache2/,
mod_ssl存储在./mods-available中,SSL站点配置为在./sites-available中,您只需将它们链接到./mods-enabled和./sites-enabled中的正确位置即可重新启动 Apache,它应该可以工作。 我试图访问 https://localhost,因此外部访问的结果可能会有所不同,但这对我有用。
Old question, but first result in Google for me, so here's what I had to do.
Ubuntu 12.04 Desktop with Apache installed
All the configuration and mod_ssl was installed when I installed Apache, but it just wasn't linked in the right spots yet. Note: all paths below are relative to /etc/apache2/
mod_sslis stored in./mods-available, and the SSL site configuration is in./sites-available, you just have to link these to their correct places in./mods-enabledand./sites-enabledRestart Apache and it should work. I was trying to access https://localhost, so your results may vary for external access, but this worked for me.
询问用户他们在浏览器中使用的确切 URL。 如果他们输入 https://your.site:80,他们可能会收到 ssl_error_rx_record_too_long 错误。
Ask the user for the exact URL they're using in their browser. If they're entering https://your.site:80, they may receive the ssl_error_rx_record_too_long error.
就我而言,虚拟主机文件中的 IP 地址错误。 监听是 443,节是
In my case, I had the wrong IP Address in the virtual host file. The listen was 443, and the stanza was
<VirtualHost 192.168.0.1:443>but the server did not have the 192.168.0.1 address!我的问题是由于 VPN 连接的 MTU 较低造成的。
使固定:
netsh interface ipv4 set interface "Wireless Network Connection" mtu=1400
这也可能是非 VPN 连接的问题...
My problem was due to a LOW MTU over a VPN connection.
Fix:
netsh interface ipv4 set interface "Wireless Network Connection" mtu=1400
It may be an issue over a non-VPN connection also...
您也可以尝试修复主机文件。
保留带有完全限定域的 vhost 文件,并将主机名添加到主机文件 /etc/hosts (debian)
重新启动 apache2 后,错误应该消失。
You might also try fixing the hosts file.
Keep the vhost file with the fully qualified domain and add the hostname in the hosts file /etc/hosts (debian)
After restarting apache2, the error should be gone.
请参阅此链接。
我查看了所有 apache 日志文件,直到发现实际错误(我已将
_default_更改为我的fqdn) 。 当我修复这个错误时,一切正常。Please see this link.
I looked in all my apache log files until I found the actual error (I had changed the
<VirtualHost>from_default_to myfqdn). When I fixed this error, everything worked fine.我的虚拟主机配置很混乱。 请记住,您需要一台不带 SSL 的端口 80 虚拟主机,以及另一台带 SSL 端口 443 的虚拟主机。您不能在一台虚拟主机中同时拥有这两种虚拟主机,正如 webmin 生成的配置试图做到的那样。
I had a messed up virtual host config. Remember you need one virtual host without SSL for port 80, and another one with SSL for port 443. You cannot have both in one virtual host, as the webmin-generated config tried to do.
就我而言,问题是 https 无法正确启动,因为 Listen 443 位于“IfDefine SSL”指令中,但我的 apache 没有使用 -DSSL 选项启动。 修复方法是将我的 apachectl 脚本更改为:
希望
对某人有帮助。
In my case the problem was that https was unable to start correctly because Listen 443 was in "IfDefine SSL" derective, but my apache didnt start with -DSSL option. The fix was to change my apachectl script in:
to:
Hope that helps somebody.
我在某些浏览器中访问我的 SSL 网站时遇到了同样的问题。
我发现我必须为 fireFox 提供正确的代理(FireFox 直接访问互联网)。
根据 LAN 配置(隧道、过滤、代理重定向),FireFox 的“直接访问互联网”模式会引发此错误。
I had the same problem in some browser to access to my SSL site.
I have found that I had to give to fireFox the right proxy (FireFox was accessing directly to internet).
Depending of the lan configuration (Tunneling, filtering, proxy redirection), the "direct access to internet" mode for FireFox throws this error.
对我来说,解决方案是我的 ddclient 没有正确计时......
For me the solution was that my ddclient was not cronning properly...
Subimage 提到的链接 就在钱给我。 它建议更改虚拟主机标签,即从
这解决了我的问题。 我很少会在谷歌上搜索错误消息并得到第一个正确答案! :-)
除了上述内容,其他人发现了一些其他解决方案导致了该问题:
确保您的 SSL 证书未过期
尝试指定密码:
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3The link mentioned by Subimage was right on the money for me. It suggested changing the virtual host tag, ie, from
<VirtualHost myserver.example.com:443>to<VirtualHost _default_:443>That fixed my problem. It's rare that I google an error message and get the first hit with the right answer! :-)
In addition to the above, these are some other solutions that other folks have found were causing the issue:
Make sure that your SSL certificate is not expired
Try to specify the Cipher:
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3