Secure Connection Failed: SSL received a record that exceeded the maximum permissible length

Failing connection after update. Cannot connect via Firefox, Chrome or Safari. Everything worked perfect prior. Running through Docker on unRaid. Latest update installed.

Thoughts?

This usually means that you are attempting to talk HTTPS over a connection where the other side talks HTTP, e.g syncthing sends plain HTTP while your browser is trying to negotiate TLS (HTTPS).

So I tried to remove the https and just go through the IP&port number but it automatically tried to go through the https route.

This is what I get when trying to just use the IP address:

The error still looks like it’s going through https, given its a SSL error

Any recommendation on how to bypass the SSL forcing in the browser?

Did you try to explicitly prefix it with http:// ?

yes, it automatically reverts to https when I hit ‘Enter’

Sounds like an extension that forces https, or a recent change/update in your browser, that made forcing https the default. I’d expect a quick search for your browser name, https and “This site can’t provide a secure connection” to clear things up.

Secure Connection Failed

A Secure Connection Failed error page will include a description of the error, an option to report the error to Mozilla and a Try Again button. There is no option to add a security exception to bypass this type of error.

‘pulled off Mozilla site’…now what?

In Mozilla Firefox (v.88.01) you can disable https-only Mode if you go to Privacy & Security settings under “options” and scroll to the bottom of the page. Worth a try.

did you click on the button “learn more”? i think i remember having encountered such a message before and there were more options there. Not sure though. Foggy memories.

It was mentioned that the problem occurred in both Firefox, Chrome, and Safari though. This would indicate that it is likely not the browser. It could still be an extension though, if the same one is being used in all these browsers.

Does the same thing happen when using incognito/private browsing (where all extensions should be disabled by default)?

Yes, I receive the same error page on all browsers.

Yea, takes me to the same page that says nothing can be done about this error.

Could you check the certificate using the openssl cli command?

openssl s_client -connect 192.168.1.202:8384

Linux and maybe Mac should have it preinstalled.

Windows: Binaries - OpenSSLWiki

no peer certificate available

No client certificate CA names sent

SSL handshake has read 5 bytes and written 0 bytes

New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Start Time: 1622729330 Timeout : 7200 (sec) Verify return code: 0 (ok)

Looks like it fails to find a cipher suite.

Could you try the following utility to check which ones are offered by the server?

Their release page has precompiled Windows binaries.

1 Like

The handshake consisted of just 5 bytes and therefore whatever was send on the other side was probably broken.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.