
I have a problem connecting to an OAuth2 API, which requires an HTTPS connection. So I'm trying to configure SSL on my server (apache2) to serve the callback address I gave to the Box API, which is an https address.

But I keep getting this error:

 (Codice di errore: ssl_error_rx_record_too_long)

So I searched the web and found out that I had to set ssl_mod on my server. But when I wrote the LoadModule line in the files and restarted the server, it said that the module was already built in, so I had a look at the configuration. httpd.conf has these lines:

 <IfModule ssl_module>
 SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
 Listen 443
 </IfModule>
 [...]
 <VirtualHost *:443>
 ServerName localhost
 SSLProxyEngine on
 SSLEngine on
 SSLCertificateFile /usr/local/zend/apache2/server.crt
 SSLCertificateKeyFile /usr/local/zend/apache2/host.nopass.key
 </VirtualHost>

Besides, the httpd-ssl.conf is the following:

 #SSLRandomSeed startup file:/dev/random  512
 #SSLRandomSeed startup file:/dev/urandom 512
 #SSLRandomSeed connect file:/dev/random  512
 #SSLRandomSeed connect file:/dev/urandom 512
 [...]
 Listen *:443
 AddType application/x-x509-ca-cert .crt
 AddType application/x-pkcs7-crl    .crl

 SSLPassPhraseDialog  builtin
 SSLSessionCache        "shmcb:/usr/local/zend/apache2/logs/ssl_scache(512000)"
 SSLSessionCacheTimeout  300
 SSLMutex  "file:/usr/local/zend/apache2/logs/ssl_mutex"

 <VirtualHost _default_:443>

 #   General setup for the virtual host
 DocumentRoot "/usr/local/zend/apache2/htdocs"
 ServerName localhost:443
 ServerAdmin
 ErrorLog "/usr/local/zend/apache2/logs/error_log"
 TransferLog "/usr/local/zend/apache2/logs/access_log"
 SSLEngine on
 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 SSLCertificateFile "/usr/local/zend/apache2/server.crt"
 #SSLCertificateFile "/usr/local/zend/apache2/conf/server-dsa.crt"

 SSLCertificateKeyFile "/usr/local/zend/apache2/host.nopass.key"
 #SSLCertificateKeyFile "/usr/local/zend/apache2/conf/server-dsa.key"

 #SSLCertificateChainFile "/usr/local/zend/apache2/conf/server-ca.crt"
 #SSLCACertificatePath "/usr/local/zend/apache2/conf/ssl.crt"
 #SSLCACertificateFile "/usr/local/zend/apache2/conf/ssl.crt/ca-bundle.crt"
 #SSLCARevocationPath "/usr/local/zend/apache2/conf/ssl.crl"
 #SSLCARevocationFile "/usr/local/zend/apache2/conf/ssl.crl/ca-bundle.crl"
 #SSLVerifyClient require
 #SSLVerifyDepth  10
 #<Location />
 #SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
 #            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
 #            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
 #            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
 #            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
 #           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
 #</Location>
 #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
 <FilesMatch "\.(cgi|shtml|phtml|php)$">
     SSLOptions +StdEnvVars
 </FilesMatch>
 <Directory "/usr/local/zend/apache2/cgi-bin">
       SSLOptions +StdEnvVars
 </Directory>

 BrowserMatch ".*MSIE.*" \
     nokeepalive ssl-unclean-shutdown \
     downgrade-1.0 force-response-1.0

 CustomLog "/usr/local/zend/apache2/logs/ssl_request_log" \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

 </VirtualHost>

I've made a post in ZendForum too.

UPDATE: The problem might not be in the Apache configuration but in the browser; I've found a lot of people online who say that this is a browser misconfiguration. Now if I navigate to:

 https://localhost 

I get the content of the page, but if I try to connect with an external service (like the API I have to use) the error remains the same. I'm checking logs right now.

softwareplay
  • Try changing your http-ssl.conf file. The line which starts `SSLCipherSuite` - change it to `SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3` http://stackoverflow.com/questions/119336/ssl-error-rx-record-too-long-and-apache-ssl – madebydavid Jan 24 '14 at 15:41
  • Tried, doesn't help. I got https://localhost working, but https://localhost/project/page doesn't work, it keeps giving me that error. Could it be a problem of the browser? – softwareplay Jan 24 '14 at 15:59
  • Ok. How about if you remove the port number from the `ServerName` line?: `ServerName localhost` – madebydavid Jan 24 '14 at 16:15

1 Answer


The answer is NOT simple. However, I had to change the certificates and set the CommonName as localhost. Then in httpd-ssl.conf I had to set the virtualhost to work with the 10088 port, not the 443, because the URL I had to make as https was on that port, so I had to activate the right virtualhost on SSL to get it working. These are my 2 cents...

softwareplay
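
A browser typically reports `ssl_error_rx_record_too_long` when the port it reached over https:// answers in plain HTTP, which fits the fix in the answer (enabling the SSL virtual host on the port actually in use). As an added example, not code from the original posts, this Python probe sends a real ClientHello to a port and reads the first five bytes of the reply as a TLS record header; the function names are hypothetical, and port 10088 is the one named in the answer.

```python
import socket
import ssl
import struct

MAX_TLS_RECORD = 2**14 + 2048  # largest ciphertext record length TLS 1.2 allows


def classify_first_bytes(data):
    """Interpret a server's first 5 bytes the way a TLS client's record layer does."""
    if len(data) < 5:
        return ("short", None)
    ctype, major, _minor, length = struct.unpack("!BBBH", data[:5])
    if 20 <= ctype <= 23 and major == 3 and length <= MAX_TLS_RECORD:
        return ("tls", length)
    # Plaintext read as a record header: in "HTTP/" the bytes "P/" become the
    # length field (0x502F = 20527), which is over the limit: "record too long".
    return ("plaintext", length)


def client_hello(server_name):
    """Have OpenSSL build a real ClientHello in memory, without any network I/O."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    ctx = ssl.create_default_context()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the handshake is now waiting for the server's reply
    return outgoing.read()


def probe(host, port, timeout=5.0):
    """Send a ClientHello to host:port and classify whatever comes back first."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(client_hello(host))
        data = b""
        while len(data) < 5:
            chunk = sock.recv(5 - len(data))
            if not chunk:
                break
            data += chunk
    return classify_first_bytes(data)


if __name__ == "__main__":
    # Assumption: run on the server itself, against the port from the answer.
    print(probe("localhost", 10088))
```

A `("plaintext", ...)` result means the virtual host bound to that port has no `SSLEngine on` in effect; `("tls", ...)` means the listener speaks TLS and the remaining problem is elsewhere (for example the certificate name).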