Hello guys!
I know there are a lot of Users reporting that the browser returns SSL_ERROR_RX_RECORD_TOO_LONG but I did not found any solution for my problem… so I hope that u can help me.
I am using HAProxy as a forwarding proxy! I got any local server and so I am not using load balancing.
To make it easier… my simplified haproxy.conf:
frontend https_front
bind *:443 transparent
mode tcp
some ACLs…
use_backend https_back
backend https_back
mode tcp
source 0.0.0.0 usesrc client
server sv 0.0.0.0
everything works great! UNTIL i change the server config to “server sv 0.0.0.0 ssl”. When I config in this way the Client’s Browser is showing: An error occurred during a connection to www.facebook.com. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG
Why I need the ssl option? I added a fetch method to the source code to read out the common name of the backend-servers certificate and this only works if the ssl option is present - otherwise it seems like that haproxy do not verify the backend connection as a SSL/TLS connection and so I can not get the certificate (in a easy way).
May u have ideas for me… this would save me a lot of time of editing more code.