Fix the Browser Error: ‘ssl_error_rx_record_too_long’ or ‘Internet Explorer cannot display the webpage’ on Linux

Fix the Browser Error: ‘ssl_error_rx_record_too_long’ or ‘Internet Explorer cannot display the webpage’ on Linux

You may have come across the following error while trying to setup SSL certificates on Apache:

Error code: ssl_error_rx_record_too_long(Firefox) or Internet Explorer cannot display the webpage (IE)

More often than not, you have something mis-configured (Likely the listening port: 443). First, make sure  that your firewall or iptables allows incoming connections on 443 (command shown on Ubuntu):

#sudo ufw allow 443

That may not have fixed your problem, but now try going to the following address:

http://www.domain.tld:443

If you’ve successfully seen something at the above page, it means your sites are listening on that port for non-ssl. I’ll assume that your apache virtual host file has something along the lines of:

NameVirtualHost *

What you’re going to want to do is force your vhosts to listen specifically on the proper ports. Change the above line to the following:

NameVirtualHost *:80

If you’re using Ubuntu your ports.conf file should likely have 443 enabled on the listening port. You may also have default-ssl listed in your /etc/apache2/sites-available/ folder, in which case you may want to enable that:

#sudo a2ensite /etc/apache2/sites-available/default-ssl

Basically, that file has the following inside of it:

... your server name / document root ...
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

While you can use a single “shared” SSL certificate for multiple hosts, if each host needs its own SSL, they will need static IP addresses.

Other recommendations:

  • Ensure that port 443 is open and enabled on your server. This is the standard port for HTTPS communications.
  • If SSL is using a non-standard port then Firefox 3 can sometimes give this error. Ensure SSL is running on port 443.
  • If using Apache2 check that you are using port 443 for SSL. This can be done by setting the ports.conf file as follows:
    Listen 80
Listen 443 https
  • Make sure you do not have more than one SSL certificate sharing the same IP address. Please ensure that all SSL certificates utilize their own dedicated IP address.
  • If using Apache2 check your vhost config. Some users have reported changing to _default_ resolved the error.