Ssl_error_rx_record_too_long
 

Hi,

I'm trying to configure a https redirection for my website. I'm using Apache on an OpenSUSE 13.2. The structure of the config files is a little bit different from Centos, which I'm more familiar with, and I'm not sure how it all works, even though I understand that all directives are taken into consideration, as long as there's an include directive in the main config (httpd.conf)

The error is: Secure Connection Failed. An error occurred during a connection to mydomain.com. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

What I did first was simply to add these 3 lines (which work fine on my Centos 7):
I've already configured a letsencrypt certificate, and the result was successful. The files have been created in /etc/letsencrypt/live/mydomain.com/

So I edited ssl-global.conf and added these lines:
The server is listening both on 80 and 443 ports. I actually wrote Listen 0.0.0.0:443, as netstat was showing that the server was listening on IPv6.



I've already added a <VirtualHost *:443> container in ssl-global.conf, in which the SSLCertificate directives are included, even though I don't think it's necessary to place them within the container.

Any ideas how I'm supposed to attack this problem? Should I offer more information?

P.S. I forgot to mention that I'm using it for owncloud. The weird thing is that if I type in mydomain.com, it doesn't redirect to https, but when I write mydomain.com/owncloud, then it redirects to https and it gives the aforementioned error.

The above error means that apache listens on port 443, but it uses the plain http protocol, i.e. SSL is not enabled.
I'm not a Suse user, so better have a look here (skip the initial certificates stuff since you have the certs), about the apache configuration files that need editing.

Regards

Doesn't owncloud have an "Use ssl" option in the admin area?

It actually has an 'enforce ssl' option, which is greyed out. Probably because it hasn't identified proper settings for https.

I followed the instructions, but to no avail. I'm not trying to redirect anymore, so that others can use owncloud in the meantime. I'm testing it by prefixing https in the address bar.

The error is the same.

These are my include directives in httpd.conf (I bolded the one I think is relevant):
And these are the directives in default-server.conf:
So I configured https in /etc/apache2/vhosts.d/vhost-ssl.conf:

Did you run
some time during this task?

Seen http://refugeeks.com/owncloud-setup-guide/ ?

a2enmod ssl
"ssl" already present

First I need to solve the https problem. When I try https://mydomain.com, the error is the same. So it's not related to owncloud, at least not at this stage. SSL is not working, and it's related to Apache, not to owncloud.

http://refugeeks.com/owncloud-setup-...figuring-HTTPS is fairly Apache-specific.

From the link in my previous post, you may need to also do the following (at least the 2nd one):

I completely missed that. This is a big step forward. Now I can see finally that Apache is actually reading vhost-ssl.conf! But now the problem is that several directives which seem completely legitimate are interpreted as invalid.
And so on, and so forth. Any ideas why it would do that?

Following habitual's link, I had enabled an "owncloud-ssl" module (which didn't exist on my machine anyway) and disabled ssl. That's where the errors came from and that's why apache was seeing legitimate directives as invalid. Then I enabled ssl and disabled owncloud-ssl again.

After enabling SSL in /etc/sysconfig/apache2, ssl_request_log has also been generated under /var/log.

Even so, when I try https://mydomain.com(/owncloud), I get the same error.

Later edit:
I changed the Virtualhost directive from mydomain.com to *:443 and ssl seems to be working. The letsencrypt certificate is recognized by the browser. The only problem now is that I get a 403 forbiden error when prefixing with https, both with or without /owncloud.

Unbelievable! It works. The problem was that <Directory "/srv/www/htdocs"> was included in the <VirtualHost *:80>. I placed it outside and it works!

Thanks to both of you. You've been really helpful :) But the /etc/sysconfig/apache2 proved to be essential. It never crossed my mind, of course, because it doesn't exist in CentOS. A rather sad inconsistency between linux distros which made me spent a whole day on this... but I guess it was worth it in the end :)

Glad it worked out.
FWIW: I have never touched any /etc/sysconfig/apache2 getting all my https working.
httpd on CentOS and httpd on Ubuntu are not the same thing, as you have found out.

I had also asked a very knowledgeable person, but he couldn't come up with this solution. He was thinking of tinkering with the VirtualHost directive and so on, and so forth. So yeah. I don't like using too many distros, I'd prefer using only Centos/Redhat, but it can't be helped in this case.

I used https://www.digitalocean.com/communi...r-ubuntu-12-04
before I had Owncloud EE and that has it's own SSL chain built-in, I believe.

What did you use owncloud EE for?