Apache2 fixing the dreaded “ssl_error_rx_record_too_long”

Recently we started trying to configure an HTTP instance to use a self-signed certificate. No matter what we had tried, we kept receiving the “ssl_error_rx_record_too_long” error in Firefox.

The server was running CentOS 6 and had been used for years, so we had almost resorted to just rebuilding it from scratch. We were reviewing the HTTPD.conf file and noticed a small comment

#NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.

Sure enough, a few lines down Webmin had added “NameVirtualHost *” even though we were using mod_ssl.

Quickly commenting that line and adding the correct lines (see below), we were able to get apache to start using our SSL certs immediately.

NameVirtualHost :80
NameVirtualHost :443