[squid-users] SSL_ERROR_RX_RECORD_TOO_LONG
Alex Rousskov
rousskov at measurement-factory.com
Tue Apr 30 14:36:26 UTC 2019
On 4/30/19 8:04 AM, Giacomo Trovato wrote:
> I've pfSense with Squid + SquidGuard (Splice All - no CA certificate).
> It worked well until one month ago, now sometimes appears the error
> message SSL_ERROR_RX_RECORD_TOO_LONG (see attachment).
> It appears randomly on all PC / smartphone on different HTTPS sites.
> The devices connected directly (no proxy) work properly.
> Any hint?
What is your current Squid version?
The browser claims that your Squid sent it a very long (most likely
malformed) TLS record. If this does not happen without Squid, then this
is likely a Squid bug. I see references to similar problems in old
(Squid v3) web posts.
* If you can reproduce with Squid v4 or later, the best next step is to
share a packet capture of the offending transaction along with the
cache.log after setting debug_options to ALL,9. Please compress large
files before sharing.
* If you cannot reproduce with Squid v4 or later, then the best next
step is to upgrade your Squid.
HTH,
Alex.
More information about the squid-users
mailing list