There is a lot of Difficult advice on this, so be careful what you trust.

In addition to my daily rules at Hashed Out, I also do several other SSL-related writing tasks throughout my day, one of which is the troubleshooting articles. Yesterday I was researching a KB article to resolve a Firefox error message: SSL_ERROR_RX_RECORD_TOO_LONG.

The problem with these articles that they are written in checkboxes on an SEO checklist rather than for security reasons. And that’s dangerous in this context because Google’s algorithm rewards SEO-optimized misinformation versus more accurate descriptions, which shouldn’t necessarily rank well.

So today, we will use our SEO powers forever and talk about the Firefox SSL_ERROR_RX_RECORD_TOO_LONG error. There appearances to be a lot of confusion as to what this error is. What does it mean? How to fix it. And speciously, we also need to outline some things that you definitely shouldn’t be doing.

What is SSL_ERROR_RX_RECORD_TOO_LONG?

Firefox’s SSL_ERROR_RX_RECORD_TOO_LONG note usually comes as a result of misconfiguration on the server-side. Contrary to what many of these guides tell you, there is generally not much an average Internet user can do to get past the SSL_ERROR_RX_RECORD_TOO_LONG message. Most tips are dangerous. It prompts the user to adjust something to account for the poor security of the website they are trying to visit.

SSL_ERROR_RX_RECORD_TOO_LONG Let’s start by covering the two primary reasons for the SSL_ERROR_RX_RECORD_TOO_LONG note from the attendant side:

The listening port misconfigures – If you want your website to make secure connections, you will need to configure it to use port 443.

They don’t support an adequate version of TLS – This problem started ten years ago with the advent of TLS 1.2 and reoccurred with TLS 1.3.

In most cases, the SSL_ERROR_RX_RECORD_TOO_LONG message occurs because of one of these two problems on the server-side. Let’s drive over how to fix both of them, and then we’ll go over a few other possible client-side fixes and what not to do from the client-side. Let’s start with the humblest of the two.

Update TLS Version Support to Fix SSL_ERROR_RX_RECORD_TOO_LONG

TLS 1.3 was officially published as RFC 8446 in mid-August. However, it’s not exactly new. About 28 drafts of the standard have been discussed and refined, but many prominent industry players knew enough about the middle to start rolling out support for it. As a result, most major browsers already have TLS 1.3 active, and many servers have already begun upgrading.

So what do you necessity to do to improve the TLS version support? You have to update your SSL / TLS library. Most servers and systems use the Open SSL library, which released its 1.1.1 update in September and supported TLS 1.3.

If you are not ready to support TLS 1.3 for whatever reason, at least make sure you support TLS 1.2. TLS 1.0 and SSL 3.0 support should now deprecate, and disabling TLS 1.1 is also highly recommended. So to recap:

  • Add support for TLS 1.3 ASAP
  • Make sure you support TLS 1.2 at least
  • Disable support for SSL 3.0, TLS 1.0, and (highly recommended) TLS 1.1
  • The Open SSL update will vary from server to server, but there is a lot of documentation to help you.

SSL_ERROR_RX_RECORD_TOO_LONG

Setting the correct Listening Port to Fix SSL_ERROR_RX_RECORD_TOO_LONG

As we mentioned previously, the correct listening port for HTTPS traffic is 443. So if you are using an irregular port or don’t have a trusted SSL / TLS certificate on that port, you are potentially going to trigger the SSL_ERROR_RX_RECORD_TOO_LONG message.

Again, the exact way to fix this will vary built on server kind, but if you impartial Google: Server name + Port 443 + HTTPS, you must be okay.

One more thing: be very careful that the exact terminology is correct as well. For example, on NGinX servers, “listen 443” will not work the way you need, but “listen to 443 SSL” will.

Solving SSL_ERROR_RX_RECORD_TOO_LONG For Consistent Users

Now let’s talk about what can be completed from a user point of view. If you are not ready to support TLS 1.3 for whatever reason, at least make sure you support TLS 1.2. TLS 1.0 and SSL 3.0 support should now be deprecated, and disabling TLS 1.1 is also highly recommended. So to recap:

  • Add support for TLS 1.3 ASAP
  • Make sure you support TLS 1.2 at least
  • Disable support for SSL 3.0, TLS 1.0, and (highly recommended) TLS 1.1
  • The Open SSL update will vary from server to server, but there is a lot of documentation to help you.

Clear your Cache

In some rare cases, clearance or bypassing the cache can resolve this problem. The coolest way to test this is to open an incognito or private window and access the website that way – without cache and cookies. In addition to incognito mode, you can also use:

  • Ctrl + Shift + R
  • Shift + click Reload
  • It probably won’t work, but it could. At least it’s not actively dangerous.

Also Read: How do I Fix MS Outlook Error [pii_email_4f90f9d82fb8e9c04529]?

Change the security.tls.version.max setting

It is where we officially begin to move closer to the dangerous advice. Here’s the thing, Microsoft has yet to provide full support for TLS 1.3 right now. So if you are a Microsoft user, it might be

helpful to reduce the TLS version support by one. It could be a situation where a website supports TLS 1.3, and Firefox believes it does too. But the operating system Firefox is running on cannot do this, and it generates the SSL_ERROR_RX_RECORD_TOO_LONG error.

TLS 1.3 So, if you are a Microsoft user, and only then, you may want to discontinue support for TLS 1.3 temporarily. Here’s how:

Exposed a new tab and type “about config” into the address bar

Enter “TLS” in the search field and filter the list

Double-click security.TLD.version.max

Change the 4 to a 3

The way Firefox quantifies its version support can be confusing. One is for TLS 1.0, 4 is TLS 1.3, and 3 is TLS 1.2.

I can’t reiterate this enough, don’t go back beyond TLS 1.2.

At this point, TLS 1.2 has out for ten years; its successor has been released. There is almost no defense for websites not to support at least 1.2. Older versions of TLS have known vulnerabilities.

Some Other Things That Can Fix SSL_ERROR_RX_RECORD_TOO_LONG But Probably Won’t

Here are some other non-dangerous tips that might resolve Firefox’s SSL_ERROR_RX_RECORD_TOO_LONG message. They maybe won’t, because most of them don’t address the source of the problem, but give them a try because who knows.

  • SSL_ERROR_RX_RECORD Try browsing in incognito mode. We already mentioned it above, but sometimes this can fix the problem.
  • Try using a VPN – again, this might work in some situations, but it’s not a foolproof solution by any resources.
  • Check your proxy settings – Occasionally, a misconfigured proxy can cause problems. Except you’re an IT admin, don’t mess with manually. And don’t disable the proxy, despite what some articles might suggest.
  • Update your browser – You shouldn’t need to receive an SSL_ERROR_RX_RECORD_TOO_LONG message to repeat you to update your browser regularly, but if you did, start keeping up with updates in the future.
  • Reinstall your browser – this could effort, or it can left-over ten minutes of your time.

Also Read: How to Fix [pii_email_631ecb328d62730e4502] Error?

What You Definitely MUST NOT Do To Fix SSL_ERROR_RX_RECORD_TOO_LONG

Let’s talk about some effects that you should not do if you are an internet user dealing with the SSL_ERROR_RX_RECORD_TOO_LONG message from Firefox. Many of these are just wrong instructions, and even if they worked to solve your problem, they would also open up a ton of attack vectors. You almost have to ask yourself, is this site worth visiting to risk an infected computer or worse? The answer is almost always no.

Here are a few things you should NOT do:

Don’t Switch To HTTP

https

 

There’s a reason Google is twisting the entire arm of the Internet to migrate to HTTPS. HTTP has faithfully served the Internet for about two decades, but it was never designed to secure data transmission. HTTP was developed when commercial activities were banned, and the Internet was intended solely for government-academic information exchange. HTTPS was created out of necessity when profitable activity finally became part of the Internet.

Of course, you should expect your communication with websites to be encrypted. HTTP is the standard today, in 2018—the standard. So, information like this.

The fastest way to access the website that is blocked by the annoying “Secure Connection Failed” message is to swap https: // with HTTP: // at the URL’s start. This workaround proves useful for many users, so feel free to try it out.

It is in decline and has to be called. Not only is this lousy instruction in this very exact context, but its lousy advice teaching people that are going back to HTTP is just bad for cybersecurity in general. The clue is that HTTPS should become so commonplace that it is an afterthought and should not be viewed as a barrier to visiting your favorite websites.

Don’t go back to HTTP. If that’s the only way to influence a website, that’s a sign right there.

Don’t Turn Off Your Antivirus.

It is another terrible tip:

Unfortunately, some lines of action taken by robust antivirus solutions can be too harsh. It can be the case for you, as your security tool could have faced specific SSL certificates or your Firefox in general. With that being said, we believe that you may need to temporarily disable your antivirus software and see if it is the evil behind your problem.

No, no-no. First of all, if your antivirus is hostile with your Firefox browser, it’s because it’s misconfigured, and you, or someone with the means, should look into it. But just turning it off is excellent advice. That would be like calling your security company because your home alarm sometimes goes off when you try to expose your front door, and they say, “Disable the alarm system. Problem solved.”

If you are not a Site Owner, The Best Way to Fix SSL_ERROR_RX_RECORD_TOO_LONG is to Interact with the Site Owner.

If you are not the site owner, the best information I can give you is to respond to Firefox’s SSL_ERROR_RX_RECORD_TOO_LONG by notifying the site owner. As we discussed, this is almost always the result of a server-side error and not something a regular internet user can fix.

Either way, definitely don’t disable your antivirus, lower the TLS version support to 0, or go back to HTTP.

Related Articles:

How to Fix [pii_email_c31346fff2b6307b017b] Error Code

Related Search Terms:

ssl_error_rx_record_too_long
network protocol error firefox
error code: ssl_error_rx_record_too_long
rfc myvidster
firefox update problems 2018
warezbb twitter
unraid encryption
firefox network protocol error
google secure connection failed
error code ssl_error_rx_record_too_long firefox
what is firefox hotfix
firefox secure connection failed authenticity of the received data could not be verified
error code ssl_error_bad_mac_read
firefox failed to read configuration file
firefox error code: ssl_error_rx_record_too_long
ssl_error_rx_record_too_long mozilla
gmail secure connection failed
ssl_error_rx_record_too_long google
hpfanficarchive beginning a new path

Review How to Solve the SSL_ERROR_RX_RECORD_TOO_LONG Firefox Error.

Your email address will not be published. Required fields are marked *