I had this issue when working on a Java Project in Debian 10 with Tomcat as the application server.
The issue was that the application already had https defined as it's default protocol while I was using http to call the application in the browser.
I however tried using the https protocol in the browser but it didn't connect throwing the error:
Secure Connection Failed
An error occurred during a connection to 34.72.188.50:8009. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
Here's how I solved it:
I first had to create a keystore file for the application, more like a self-signed certificate for the https protocol:
sudo keytool -genkey -keyalg RSA -alias tomcat -keystore /usr/share/tomcat.keystoreNote: You need to have Java installed on the server to be able to do this. Java can be installed using sudo apt install default-jdk.
Next, I added a https Tomcat server connector for the application in the Tomcat server configuration file (/opt/tomcat/conf/server.xml):
sudo nano /opt/tomcat/conf/server.xmlAdd the following to the configuration of the application. Notice that the keystore file location and password are specified. Also a port for the https protocol is defined, which is different from the port for the http protocol:
<Connector protocol="org.apache.coyote.http11.Http11Protocol" port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="/usr/share/tomcat.keystore" keystorePass="my-password" clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" compression="force" compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"/>So the full server configuration for the application looked liked this in the Tomcat server configuration file (/opt/tomcat/conf/server.xml):
This time when I tried accessing the application from the browser using:
//my-server-ip-address:https-portIn my case it was:
35.123.45.6:8443it worked fine. Although, I had to accept a warning which added a security exception for the website, since the certificate used is a self-signed one.
That's all.
I hope this helps
Got "Bad Request This combination of host and port requires TLS" when access the link to CA WA ESP REST API
calendar_today
Updated On:
Products
ESP Workload Automation
Issue/Introduction
We have started with ESP REST API STC with TLS configured. When access it thru web browser with HTTPS, we got error:
Bad Request This
combination of host and port requires TLS.
Environment
Release : 12.0
Component : CA ESP WORKLOAD AUTOMATION
Cause
There are two possible causes:
#1 Sometimes even you enter HTTPS on web browser, it may still be resolved to HTTP. #2 If you want REST server to actually do the encryption. But if there is also AT-TLS
rule for the same port, AT-TLS will encrypt already encrypted communication.
Resolution
Solutions:
#1 Make sure HTTPS is used.
#2 Check if AT-TLS is set on MVS system; if yes, then the ESP REST API port should be excluded.
Feedback
thumb_up Yes
thumb_down No