Hilfe durchsuchen

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Getting the error "SSL_ERROR_RX_RECORD_TOO_LONG" when attempting to access multiple different sites, sometimes goes away with refresh but sometimes prersists.

  • 13 Antworten
  • 15 haben dieses Problem
  • 62432 Aufrufe
  • Letzte Antwort von AliceWyman

more options

As stated in question, I've recently started getting the message "SSL_ERROR_RX_RECORD_TOO_LONG" when attempting to access various website intermittently. Sometimes reloading the page fixes it. Sometimes it doesn't. Error is only occurring in Firefox, not other browsers.

Ausgewählte Lösung

UPDATE: This issue has been added to the support article: https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message#w_avast-and-avg-security-products


Hi brown192, reports of this error have increased lately, and also that it can be intermittent. This is puzzling.

When you reload bypassing the cache does that make any difference? You can use either:

  • Ctrl+Shift+r
  • Shift+reload button

Alternately, you could test in a private window, which doesn't share cache or cookies with regular windows.


The only workaround I've seen mentioned so far was to turn off support for the newest and most secure connection protocol, TLS 1.3. Perhaps some sites or some intermediaries (security filters?) return data to Firefox that it finds invalid when this is enabled (TBD). To try that:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

(3) Double-click the security.tls.version.max preference to display a dialog where you can edit the value from 4 to 3 (or in other words, from TLS 1.3 to TLS 1.2). Then click OK.

If you reload the problem page, will it connect?

If you discover sites that respond to that workaround, could you share the URLs? Someone needs to study them and see what's going on.

Diese Antwort im Kontext lesen 👍 2

Alle Antworten (13)

more options

Ausgewählte Lösung

UPDATE: This issue has been added to the support article: https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message#w_avast-and-avg-security-products


Hi brown192, reports of this error have increased lately, and also that it can be intermittent. This is puzzling.

When you reload bypassing the cache does that make any difference? You can use either:

  • Ctrl+Shift+r
  • Shift+reload button

Alternately, you could test in a private window, which doesn't share cache or cookies with regular windows.


The only workaround I've seen mentioned so far was to turn off support for the newest and most secure connection protocol, TLS 1.3. Perhaps some sites or some intermediaries (security filters?) return data to Firefox that it finds invalid when this is enabled (TBD). To try that:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

(3) Double-click the security.tls.version.max preference to display a dialog where you can edit the value from 4 to 3 (or in other words, from TLS 1.3 to TLS 1.2). Then click OK.

If you reload the problem page, will it connect?

If you discover sites that respond to that workaround, could you share the URLs? Someone needs to study them and see what's going on.

Geändert am von jscher2000

more options

i would try to disable avast from meddling with ssl connections like described in How to troubleshoot security error codes on secure websites

more options

Currently misbehaving site for me: gmail.com

Bypassing cache and loading in private window both attempted without success.

Dropping to TLS 1.2 *does* fix the problem. Tested multiple times switching back and forth. With security.tls.version.max value set to "4" gmail will not load. With value set at "3" it loads properly. I'll leave it at "3" for now and see if I happen to run into any more sites causing problems. Error has been happening for about a week, but gmail today was the first time it continued to persist beyond a few reloads.

more options

Gmail supports TLS 1.3 (screenshot attached), so perhaps it is Avast Web Shield or a different intermediary which is causing the problem.

more options

Perhaps. Still seems like a problem on the Firefox side given that the error doesn't occur with other browsers. I'm also not sure why switching to TLS 1.2 would fix the problem if it was from the Avast web shield, but that's well beyond my technical knowledge.

more options

Hi brown192, I think we're all still trying to sort this out.

When you have a "man in the middle" like a security filter or proxy server, there actually are two connections: one from Firefox to the intermediary, and one from the intermediary to the website. They could use different protocols, different ciphers, etc.

Maybe I'll find an old computer I can load Avast on and see whether I noticed anything strange.

more options

jscher2000 said

Hi brown192, reports of this error have increased lately, and also that it can be intermittent. This is puzzling. When you reload bypassing the cache does that make any difference? You can use either:
  • Ctrl+Shift+r
  • Shift+reload button
Alternately, you could test in a private window, which doesn't share cache or cookies with regular windows.

The only workaround I've seen mentioned so far was to turn off support for the newest and most secure connection protocol, TLS 1.3. Perhaps some sites or some intermediaries (security filters?) return data to Firefox that it finds invalid when this is enabled (TBD). To try that:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

(3) Double-click the security.tls.version.max preference to display a dialog where you can edit the value from 4 to 3 (or in other words, from TLS 1.3 to TLS 1.2). Then click OK.

If you reload the problem page, will it connect?

If you discover sites that respond to that workaround, could you share the URLs? Someone needs to study them and see what's going on.

Hi jscher2000, you solution about tls max worked (while the cache bypass didn't). In my case I experienced that with www.google.it, simple as that. :)

more options

web.whatsapp.com is the only site misbehaving for me.

It's happening with MS Edge, too. Haven't checked Chrome yet.

more options

Hi foodi, it probably doesn't help, but here's how my Firefox connects to the site:

  • Protocol: TLS 1.3
  • Cipher: TLS_AES_128_GCM_SHA256

(As shown in the attached screenshot)

more options

jscher2000 said

Hi foodi, it probably doesn't help, but here's how my Firefox connects to the site:
  • Protocol: TLS 1.3
  • Cipher: TLS_AES_128_GCM_SHA256
(As shown in the attached screenshot)

You're right! I have no idea what to do with that information :) I did try the about:config TLS version hack. No effect.

more options

Hi foodi, do you have Avast, AVG, or any other "man in the middle" of your secure connections?

more options

There is Sophos AV Enterprise running on all work machines. But I seem to be the only one experiencing this problem. Also, it just started yesterday.

more options

To foodi:

This thread has been archived and closed, since it has been more than 180 days from the original post date (you posted your support request in an old, solved thread, started by someone else). See also Forum rules and guidelines.

Archived threads cannot be re-opened. If you are still having problems, please ask a new question. You can refer to this thread (/questions/1222739) for the background.