Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1790066
  • 博文数量: 297
  • 博客积分: 285
  • 博客等级: 二等列兵
  • 技术积分: 3006
  • 用 户 组: 普通用户
  • 注册时间: 2010-03-06 22:04
个人简介

Linuxer, ex IBMer. GNU https://hmchzb19.github.io/

文章分类

全部博文(297)

文章存档

2020年(11)

2019年(15)

2018年(43)

2017年(79)

2016年(79)

2015年(58)

2014年(1)

2013年(8)

2012年(3)

分类: LINUX

2016-05-11 23:08:20

今天碰到Firefox error code: ssl_error_rx_record_too_long,
search 到一篇文章,我也贴出来如下:
For more detailed information you can check connection using openssl:
      openssl s_client -connect yourdomain.tld:*port*
(for example: openssl s_client -connect ssl-certificate.com:443)
There should be an output like the one below:
      error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:766:

rx_record_2.jpg

As you can see, in fact, the connection is established, however a handshake failed due to the absence of a certificate configured for the port.
You can also find details about such kind of a failed connection using a network analyzer like wireshark:

rx_record_3_f.jpg

As you can see this error is considered as a bad request from a client’s side, since the requested certificate is not configured on the server.
You may encounter this error with Apache, nginx or similar web servers. The issue is usually related to the incorrect VirtualHost record or in case a VirtualHost record is specified in the configuration file which is not listened by the webserver.
Fox example, in case of Apache the error will show up in Firefox if you have a line “Listen 443” in your VirtualHost file without an actual VIrtualHost record for port 443 or in case the record for port 443 is incorrect.
If you are not sure, how to deal with OpenSSL, VirtualHosts or just don’t have root access on your server, please ask your web-host provider for assistance.


经过我的实验:
openssl s_client -connect 失败
openssl s_client -connect -showcerts 无法查看到相应的certs.
nmap --script +ssl-enum-ciphers 直接去扫描target ,发现需要30分钟,这机器不知道发生了些什么。

应该是Web Server 那里的问题
另附一个看起来对openssl 很有研究的blog 地址:
http://blog.csdn.net/as3luyuan123/article/details/16812071
阅读(1144) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~