TLS error even with new cert

Help
1

I am getting the following error on Firefox, Chrome etc

An error occurred during a connection to recipeapix789.cookingisfun.ie. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

This is a domiain that has been working over TLS https for some time.

The server was recently restored from backup, however since then I deleted and had caddy recreate TLS Certs.

Is there a way I can get more info?

I am running Caddy 0.10.0

Anyone know what this error is and how to solve?

2

There’s an Apache server at recipeapix789.cookingisfun.ie:443. It also seems horribly misconfigured - it’s serving HTTP on :443. Can’t say I’ve ever seen that one before.

whitestrake at ERASMUS in ~
→ curl -i https://recipeapix789.cookingisfun.ie/
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

whitestrake at ERASMUS in ~
→ curl -i http://recipeapix789.cookingisfun.ie:443/
HTTP/1.1 403 Forbidden
Date: Wed, 12 Jul 2017 14:00:47 GMT
Server: Apache/2.4.2 (Win64) PHP/5.6.18
Content-Length: 202
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.</p>
</body></html>

Caddy seems to be answering on :80 just fine though.

whitestrake at ERASMUS in ~
→ curl -i http://recipeapix789.cookingisfun.ie/
HTTP/1.1 301 Moved Permanently
Alt-Svc: quic=":80"; ma=2592000; v="37,36,35"
Alternate-Protocol: 80:quic
Connection: close
Location: https://recipeapix789.cookingisfun.ie/
Server: Caddy
Date: Wed, 12 Jul 2017 14:02:56 GMT
Content-Length: 73
Content-Type: text/html; charset=utf-8

<a href="https://recipeapix789.cookingisfun.ie/">Moved Permanently</a>.

I have to assume that Apache actually has bound port :443 since if Caddy was proxying it you’d still likely have working HTTPS, regardless of what Apache served up.

1 Like
3

Fixed thanks.

In my slightly mangled setup I let apache capture 443 on startup otherwise windows takes it before caddy runs. Usually I then change apache config and start caddy. This time I didn’t change apache so apache was trying to serve http over port 443.

I need to change how I run on startup. Maybe set up caddy service. Thanks for your help

4

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.