SSL Certificates (ssl_error_rx_record_too_long) Ubuntu Linux
by swicknire on Mar.14, 2009, under linux/ubuntu
It seems obvious you’ve come across the following error while trying to setup SSL certificates on apache.
Error code: ssl_error_rx_record_too_long
Well more often than not, you have something mis-configured! (Likely the listening port: 443). What you might want to do is check that your firewall or iptables allows incoming connections on 443.
Ubuntu:
#sudo ufw allow 443
Ok, wonderful – that probably didn’t fix your problem. But now try going to the following address
http://www.domain.tld:443
If you’ve successfully seen something at the above page, it means your sites are listening on that port for non-ssl. I’ll assume that your apache virtual host file has something along the lines of:
NameVirtualHost *
<VirtualHost *>
What you’re going to want to do is force your vhosts to listen specifically on the proper ports. Changing to the following:
NameVirtualHost *:80
<VirtualHost *:80>
If you’re using ubuntu your ports.conf file should likely have 443 enabled on the listening port, and you may also have default-ssl listed in your /etc/apache2/sites-available/ folder. In which case you may want to enable that.
#sudo a2ensite /etc/apache2/sites-available/default-ssl
Basically that file has the following inside of it
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
…… your server name / document root …..
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key</VirtualHost>
</IfModule>
While you can use a single “shared” SSL certificate for multiple hosts, if each host needs it’s own SSL, they will need static ip addresses.
Leave a Reply
You must be logged in to post a comment.
June 26th, 2010 on 6:41 pm
Just wanted to thank you for this post. I was struggling for several hours getting my SSL up and running on a new server and this solved it.
February 3rd, 2011 on 10:24 am
Thank you very much. I’m having a lot of trouble setting up SSL for a site that my manager wants to use to sell her embroidery designs online.