Secure Connection Failed: SSL received a record that exceeded the maximum permissible length

Dima · June 2, 2021, 1:54pm

Failing connection after update. Cannot connect via Firefox, Chrome or Safari. Everything worked perfect prior. Running through Docker on unRaid. Latest update installed.

Thoughts?

Nummer378 · June 2, 2021, 4:53pm

This usually means that you are attempting to talk HTTPS over a connection where the other side talks HTTP, e.g syncthing sends plain HTTP while your browser is trying to negotiate TLS (HTTPS).

Dima · June 2, 2021, 4:59pm

So I tried to remove the https and just go through the IP&port number but it automatically tried to go through the https route.

This is what I get when trying to just use the IP address:

AudriusButkevicius · June 2, 2021, 5:33pm

The error still looks like it’s going through https, given its a SSL error

Dima · June 2, 2021, 5:35pm

Any recommendation on how to bypass the SSL forcing in the browser?

AudriusButkevicius · June 2, 2021, 5:45pm

Did you try to explicitly prefix it with http:// ?

Dima · June 2, 2021, 5:56pm

yes, it automatically reverts to https when I hit ‘Enter’

imsodin · June 2, 2021, 6:02pm

Sounds like an extension that forces https, or a recent change/update in your browser, that made forcing https the default. I’d expect a quick search for your browser name, https and “This site can’t provide a secure connection” to clear things up.

Dima · June 2, 2021, 10:44pm

Secure Connection Failed

A Secure Connection Failed error page will include a description of the error, an option to report the error to Mozilla and a Try Again button. There is no option to add a security exception to bypass this type of error.

‘pulled off Mozilla site’…now what?

Thilo · June 2, 2021, 11:28pm

In Mozilla Firefox (v.88.01) you can disable https-only Mode if you go to Privacy & Security settings under “options” and scroll to the bottom of the page. Worth a try.

Thilo · June 2, 2021, 11:29pm

did you click on the button “learn more”? i think i remember having encountered such a message before and there were more options there. Not sure though. Foggy memories.

tomasz86 · June 3, 2021, 1:21am

It was mentioned that the problem occurred in both Firefox, Chrome, and Safari though. This would indicate that it is likely not the browser. It could still be an extension though, if the same one is being used in all these browsers.

Does the same thing happen when using incognito/private browsing (where all extensions should be disabled by default)?

Dima · June 3, 2021, 1:02pm

Yes, I receive the same error page on all browsers.

Dima · June 3, 2021, 1:09pm

Yea, takes me to the same page that says nothing can be done about this error.

bt90 · June 3, 2021, 2:08pm

Could you check the certificate using the openssl cli command?

openssl s_client -connect 192.168.1.202:8384

Linux and maybe Mac should have it preinstalled.

Windows: Binaries - OpenSSLWiki

Dima · June 3, 2021, 2:09pm

no peer certificate available

No client certificate CA names sent

SSL handshake has read 5 bytes and written 0 bytes

New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Start Time: 1622729330 Timeout : 7200 (sec) Verify return code: 0 (ok)

bt90 · June 3, 2021, 2:33pm

Looks like it fails to find a cipher suite.

Could you try the following utility to check which ones are offered by the server?

Their release page has precompiled Windows binaries.

Nummer378 · June 3, 2021, 8:14pm

The handshake consisted of just 5 bytes and therefore whatever was send on the other side was probably broken.