NSS 324 - Management HTTPS Error

Unanswered Question
Jul 6th, 2010

Hi Folks,

I've noticed if you enable SSL management, and navigate directly using https://<nss ip> the following error is displayed:

Secure Connection Failed

An error occurred during a connection to ........

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

however if you navigate via http://<ip> then it is redirected to https.

done using firefox 3.6.6.

Cheers,

Dan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
clindoan Tue, 07/06/2010 - 08:59

I think the proxy from your browser setting can cause this error. I have experienced that some proxies can't handle secure connections.

You can find the connection setting from Firefox: Tools > Options >  Advanced,  Network tab : Click on Connection (check to make sure you have the right port for SSL connection. If you do not need to use a proxy to connect to internet then select No  Proxy or set to auto detect proxy.

The root cause for this particular issue is a mismatch between the IP address being published for  the domain between a client (PC broswer) and a server (NSS) and the IP address in  Apache's httpd-ssl.conf file (Example: 127.0.0.2 (server) vs. 127.0.0.1 (client)). When  the browsers (any browser) tried to do an https: type SSL connection, they were trying  on port 127.0.0.1:443. Apache wasn't listening there and the fetch  failed. This error is a common error when a mismatch on port number for SSL connection between client and server (if a broswer is set with a proxy- a default port is set but it can be any port determined by user which can cause this issue).

In your case, when a HTTP is connected and redirected for HTTPS port defined from NSS, your browser is using the port determined by NSS.  Then everything is working fine.  Your browser will be cached to the working port and it should be working fine. However, you may see this issue again if you are not resolve the port between client and server for SSL connection.

Hope this is helps! Please let me know

danhughe Tue, 07/06/2010 - 09:20

Thanks for the suggestion but I'm not using a Proxy, i've checked settings and all are ok. I've also tried using IE and Chrome and get page cannot be displayed error which is slightly different.

Just to confirm:

This only happens when i enter https, if i enter http then reforwarding happens in the browser to https.

Actions

Login or Register to take actions

This Discussion

Posted July 6, 2010 at 3:56 AM
Stats:
Replies:2 Avg. Rating:
Views:908 Votes:0
Shares:0

Related Content

Discussions Leaderboard