SSL Certificate exceeds maximum permissible length — error:(ssl_error_rx_record_too_long)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Description: Ubuntu 8.04.3 LTS
Release: 8.04
apache2 (Version: 2.2.8-1ubuntu0.15)
openssl (Version: 0.9.8g-4ubuntu3)
I have Ubuntu Server 8.04 installed as a Mail Server with iRedMail-0.6.0 using RoundCube Webmail installed. I am only getting the SSL Cerificate exceeds maximum permissible length -- error:(
https:/
What I mean by that is, when I am at home, on my network, I can get to both of those address with no issues and no problems outside of the excepting the SSL Certificate error (that is with every browser -- the standard SSL Security Error) but when I am at school, or my parents, or any of my friends houses and I try to connect to my mail servers Web Interface I get the SSL Certificate exceeds maximum permissible length -- error:(
I have read many posts and I have tried almost every one of them with no success to include the following actions:
1) I have replaced the standard iRedMail.pem & iRedMail.key with SSL files that I have generated to include 1 using 256bit count, 1 using 512bit count, 1 using 1024bit count, 1 using 2048bit count.
2) I jave tried to use the SnakeOil files that come with iRedMail and still same error.
3) I have verified that SSL Support for apache is running -- I can get to https:/
4) I verified that the /etc/apache2/
Modified Configuration -- from sites-available
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin <email address hidden>
DocumentRoot /var/www
# Enable SSL.
SSLEngine On
SSLCertific
SSLCertific
Alias /mail "/usr/share/
Alias /webmail "/usr/share/
Alias /roundcube "/usr/share/
Alias /phpmyadmin "/usr/share/
Alias /mysql "/usr/share/
Alias /postfixadmin "/usr/share/
Alias /awstats-icon "/usr/share/
ScriptAlias /awstats "/usr/lib/
</VirtualHost>
Original Configuration -- from sites-available
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin <email address hidden>
DocumentRoot /var/www
# Enable SSL.
SSLEngine On
SSLCertific
SSLCertific
Alias /mail "/usr/share/
Alias /webmail "/usr/share/
Alias /roundcube "/usr/share/
Alias /phpmyadmin "/usr/share/
Alias /mysql "/usr/share/
Alias /postfixadmin "/usr/share/
Alias /awstats-icon "/usr/share/
ScriptAlias /awstats "/usr/lib/
</VirtualHost>
sites-enabled
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin <email address hidden>
DocumentRoot /var/www
# Enable SSL.
SSLEngine On
SSLCertific
SSLCertific
Alias /mail "/usr/share/
Alias /webmail "/usr/share/
Alias /roundcube "/usr/share/
Alias /phpmyadmin "/usr/share/
Alias /mysql "/usr/share/
Alias /postfixadmin "/usr/share/
Alias /awstats-icon "/usr/share/
ScriptAlias /awstats "/usr/lib/
</VirtualHost>
5) I ran apt-get update & apt-get upgrade before installing iRedMail-0.6 to ensure that I had the latest packages.
6) I have tried all of the modifications listed for each of the web browsers and still get same error.
7) I have reset my PK5000 Qwest DSL Modem with no effect
8) I have re-done all routing and port forwarding on that DSL Modem/Router again with no effect
9) I have ran wireshark to verifiy that the packets being recieved from both the Internal Network and External Networks match and they are the same outside of IP addresses.
I am at a loss with why I can get to my mail servers web page from my network but cannot once I go outside of my network.
Can Anyone Please Help Me with this Issue, its starting to drive me NUTS and I really want to get this fixed.
Thanks in advance for your Help
# -- Added July 10th, 2010
OK since about Jun 25th I have solved this issue, and it was my DSL Modem that was causing the problem. I have posted a Comment with what I had to do to fix the issue. So if you are having a similar issue this might be a good place to look for a Solution to your problem.
description: | updated |
I recall having a similar issue trying to set up Zoneminder's web interface to use ssl. www.tc. umn.edu/ ~brams006/ selfsign_ ubuntu. html got me through it.
The info on this page http://
I'm guessing it is likely an error in your config and not a bug.
I think what finally resolved it for me was creating a separate file /etc/apache2/ sites-available /ssl with the config for the ssl stuff, then creating the symlink /etc/apache2/ sites-enabled/ ssl pointing to it, while leaving /etc/apache2/ sites-available /default as it was.
Attached is my /etc/apache2/ sites-available /ssl in case you may find it helpful.