Ssl_error_rx_record_too_long
Hi,
I'm trying to configure a https redirection for my website. I'm using Apache on an OpenSUSE 13.2. The structure of the config files is a little bit different from Centos, which I'm more familiar with, and I'm not sure how it all works, even though I understand that all directives are taken into consideration, as long as there's an include directive in the main config (httpd.conf) The error is: Secure Connection Failed. An error occurred during a connection to mydomain.com. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG What I did first was simply to add these 3 lines (which work fine on my Centos 7): Code:
<VirtualHost *:80> So I edited ssl-global.conf and added these lines: Code:
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem I've already added a <VirtualHost *:443> container in ssl-global.conf, in which the SSLCertificate directives are included, even though I don't think it's necessary to place them within the container. Any ideas how I'm supposed to attack this problem? Should I offer more information? P.S. I forgot to mention that I'm using it for owncloud. The weird thing is that if I type in mydomain.com, it doesn't redirect to https, but when I write mydomain.com/owncloud, then it redirects to https and it gives the aforementioned error. |
Quote:
I'm not a Suse user, so better have a look here (skip the initial certificates stuff since you have the certs), about the apache configuration files that need editing. Regards |
Doesn't owncloud have an "Use ssl" option in the admin area?
|
Quote:
I followed the instructions, but to no avail. I'm not trying to redirect anymore, so that others can use owncloud in the meantime. I'm testing it by prefixing https in the address bar. The error is the same. These are my include directives in httpd.conf (I bolded the one I think is relevant): Code:
Include /etc/apache2/uid.conf Code:
IncludeOptional /etc/apache2/conf.d/*.conf Code:
<IfDefine SSL> |
Did you run
Code:
a2enmod ssl Seen http://refugeeks.com/owncloud-setup-guide/ ? |
Quote:
a2enmod ssl "ssl" already present First I need to solve the https problem. When I try https://mydomain.com, the error is the same. So it's not related to owncloud, at least not at this stage. SSL is not working, and it's related to Apache, not to owncloud. |
http://refugeeks.com/owncloud-setup-...figuring-HTTPS is fairly Apache-specific.
|
Quote:
Quote:
|
Quote:
Code:
Invalid command 'SSLCipherSuite', perhaps misspelled or defined by a mo... |
Following habitual's link, I had enabled an "owncloud-ssl" module (which didn't exist on my machine anyway) and disabled ssl. That's where the errors came from and that's why apache was seeing legitimate directives as invalid. Then I enabled ssl and disabled owncloud-ssl again.
After enabling SSL in /etc/sysconfig/apache2, ssl_request_log has also been generated under /var/log. Even so, when I try https://mydomain.com(/owncloud), I get the same error. |
Quote:
Later edit: I changed the Virtualhost directive from mydomain.com to *:443 and ssl seems to be working. The letsencrypt certificate is recognized by the browser. The only problem now is that I get a 403 forbiden error when prefixing with https, both with or without /owncloud. Unbelievable! It works. The problem was that <Directory "/srv/www/htdocs"> was included in the <VirtualHost *:80>. I placed it outside and it works! Thanks to both of you. You've been really helpful :) But the /etc/sysconfig/apache2 proved to be essential. It never crossed my mind, of course, because it doesn't exist in CentOS. A rather sad inconsistency between linux distros which made me spent a whole day on this... but I guess it was worth it in the end :) |
Glad it worked out.
FWIW: I have never touched any /etc/sysconfig/apache2 getting all my https working. httpd on CentOS and httpd on Ubuntu are not the same thing, as you have found out. |
Quote:
|
I used https://www.digitalocean.com/communi...r-ubuntu-12-04
before I had Owncloud EE and that has it's own SSL chain built-in, I believe. |
Quote:
|
All times are GMT -5. The time now is 04:40 PM. |