tag:tenfourfox.tenderapp.com,2012-01-07:/discussions/problems/9068-getting-a-ssl_error_rx_record_too_long-error-on-some-site-on-commercial-wifi-with-portalTenFourFox: Discussion 2020-12-16T22:21:52Ztag:tenfourfox.tenderapp.com,2012-01-07:Comment/488399702020-11-22T11:17:16Z2020-11-22T11:17:16ZGetting a SSL_ERROR_RX_RECORD_TOO_LONG error on some site on commercial wifi with portal<div><p>It's possible that the public wifi access is misconfigured or blocking ports or certain protocols or sites or TLS versions.</p>
<p>It's interesting to note that Mozilla, Wikipedia and Google all use TLS 1.3 if the client supports it (and fall back to 1.2 if it doesn't), whereas radaris.com uses TLS 1.2 exclusively. You could try to (temporarily) set security.tls.version.max to 3 in about:config, which forces everything back to TLS 1.2, which is still 'secure enough'.</p>
<p>If that doesn't help, you should try to use another computer running a recent Firefox and OS version and see if the error happens there as well. If so, there is nothing you can do except to tell the admin of the public wifi about the problem (if possible) and ask them to configure their access point properly.</p>
<p>If it works with a modern Firefox version please report back here.</p></div>Chris (chtrusch)tag:tenfourfox.tenderapp.com,2012-01-07:Comment/488399702020-11-22T15:39:52Z2020-11-22T15:39:52ZGetting a SSL_ERROR_RX_RECORD_TOO_LONG error on some site on commercial wifi with portal<div><p>Hi Chris,</p>
<p>thanks for the feedback. This network is horrendous so no surprised if it is half-misconfigured and half-outdated filtering.</p>
<p>The additional tests are a mixed bag. On the good news side, a Firefox 83 under win10 on the same network and the usual suspects are connecting fine. I have attached the connection status from the FF 83 + the cert chain as seen by FF once connected.<br>
On the bad news side, I forced the TLS level as documented and I get the same error (even after several restart of TFF). For the sake of completeness, I downloaded TFF FPR29 and got the same result (with and without the limit to 3). I tried to use the developer network tool to get more insight on the TLS handshake but it was not providing more information.</p>
<p>If necessary, I can try to find an older version of WireShark and run a packets dump of the traffic when opening the connection to wikipedia if it can shed more light on what happens.<br>
Surprisingly, the Radaris information was not showing a much shorter key (TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2) than wikipedia with FF 83 (TLS_AES_128_GCM_SHA256, 128 bit keys, TLS 1.3), just a different set of ciphers.</p></div>dr_no7tag:tenfourfox.tenderapp.com,2012-01-07:Comment/488399702020-11-28T15:20:56Z2020-11-28T15:20:56ZGetting a SSL_ERROR_RX_RECORD_TOO_LONG error on some site on commercial wifi with portal<div><p>Can you try Leopard Webkit with your 10.5 PowerBook G4?<br>
<a href="https://sourceforge.net/projects/leopard-webkit/">https://sourceforge.net/projects/leopard-webkit/</a></p></div>Chris (chtrusch)tag:tenfourfox.tenderapp.com,2012-01-07:Comment/488399702020-12-11T12:30:29Z2020-12-11T12:30:29ZGetting a SSL_ERROR_RX_RECORD_TOO_LONG error on some site on commercial wifi with portal<div><p>Turns out I ran out of time and my access expired (few days before moving out anyway).<br>
This ticket can be closed as "unreproducible" for now until somebody else run into such weird commercial access point config.</p>
<p>Thanks for the help =)</p></div>dr_no7tag:tenfourfox.tenderapp.com,2012-01-07:Comment/488399702020-12-16T22:21:51Z2020-12-16T22:21:51ZGetting a SSL_ERROR_RX_RECORD_TOO_LONG error on some site on commercial wifi with portal<div><p>Okay. If you can trigger it again, any reply to this ticket will reopen it.</p></div>Cameron Kaiser