en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

en English
X

Select Language

Powered by Google TranslateTranslate

We hope you will find the Google translation service helpful, but we don’t promise that Google’s translation will be accurate or complete. You should not rely on Google’s translation. English is the official language of our site.

Fix the Browser Error: ‘ssl_error_rx_record_too_long’ or ‘Internet Explorer cannot display the webpage’ on Linux

You may have come across the following error while trying to setup SSL certificates on Apache:

Error code: ssl_error_rx_record_too_long(Firefox) or Internet Explorer cannot display the webpage (IE)

More often than not, you have something mis-configured (Likely the listening port: 443). First, make sure  that your firewall or iptables allows incoming connections on 443 (command shown on Ubuntu):

#sudo ufw allow 443

That may not have fixed your problem, but now try going to the following address:

http://www.domain.tld:443

If you’ve successfully seen something at the above page, it means your sites are listening on that port for non-ssl. I’ll assume that your apache virtual host file has something along the lines of:

NameVirtualHost *

What you’re going to want to do is force your vhosts to listen specifically on the proper ports. Change the above line to the following:

NameVirtualHost *:80

If you’re using Ubuntu your ports.conf file should likely have 443 enabled on the listening port. You may also have default-ssl listed in your /etc/apache2/sites-available/ folder, in which case you may want to enable that:

#sudo a2ensite /etc/apache2/sites-available/default-ssl

Basically, that file has the following inside of it:

... your server name / document root ...
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

While you can use a single “shared” SSL certificate for multiple hosts, if each host needs its own SSL, they will need static IP addresses.

Other recommendations:

  • Ensure that port 443 is open and enabled on your server. This is the standard port for HTTPS communications.
  • If SSL is using a non-standard port then Firefox 3 can sometimes give this error. Ensure SSL is running on port 443.
  • If using Apache2 check that you are using port 443 for SSL. This can be done by setting the ports.conf file as follows:
    Listen 80
    Listen 443 https
    
  • Make sure you do not have more than one SSL certificate sharing the same IP address. Please ensure that all SSL certificates utilize their own dedicated IP address.
  • If using Apache2 check your vhost config. Some users have reported changing to _default_ resolved the error.

Subscribe to SSL.com’s Newsletter

Don’t miss new articles and updates from SSL.com