Secure Connection Failed


#1

Just installed Dradis CE on my Kali Box. When I go to the web interface, I get:

Secure Connection Failed

An error occurred during a connection to localhost:3000. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

Anyone else experience this?


How-To: Install Dradis-CE 3 on Ubuntu Server 16.04
#2

@rocco920 I’m Rachael with the Dradis support team. Let’s get this sorted out! What command are you running to start the Dradis server? (e.g. are you running in production?). Also, what version of Kali are you running?


#3

Hi, I’m having the same issue.
An error occurred during a connection to localhost:3000. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

I found a temporary fix by using http instead of https. This isn’t ok in the long run however.

I followed the Kali instructions very carefully.
I’m using the latest Kali, fully updated and everything.

This is the console output when I start the rails server:

root@kali:/usr/lib/dradis-ce/bin# bundle exec rails server
=> Booting Thin
=> Rails 5.1.3 application starting in development on http://localhost:3000
=> Run `rails server -h` for more startup options
Thin web server (v1.6.3 codename Protein Powder)
Maximum connections set to 1024
Listening on localhost:3000, CTRL+C to stop

Notice that the server is using http, not https.
By the way, during the dradis-ce setup, I didn’t notice any certificate creation.

N.B. I don’t know if it is related or not to the following problem, but it sounds similar.

Regards
Damien


Dradis needs SSL/TLS
#4

The problem/solution is what @DamienDaco’s post says.

In production mode, Dradis/Rails forces the use of https.
But in production mode the idea is to have in front of the ruby server a web server (nginx?) with ssl enabled.

If you want to use production mode in your local environment, you can:

  • disable ssl: edit environment/production.rb and set config.force_ssl = false
  • enable ssl in your ruby web server. If you are running thin @DamienDaco it looks like
    it is as simple as running bundle exec thin start --ssl

Also, if you run the app once in production/https, and later want to roll back to development/http, you may notice that the browser (chrome) keeps redirecting you to the https version. This is due to the fact that config.force_ssl = true sets the HSTS header. This may be disabled by visiting chrome://net-internals/#hsts or by reloading with “Empty Cache and Hard Reload” (both solutions detailed here: https://stackoverflow.com/questions/25277457/google-chrome-redirecting-localhost-to-https)
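
Why a browser that speaks https to the plain-http Thin port shown in post #3 reports SSL_ERROR_RX_RECORD_TOO_LONG, as an added example that is not part of any post in this thread and is not Dradis code. The function names and both sample replies are constructed for illustration, and it assumes the server answers the TLS handshake with an ordinary HTTP error response.

```ruby
# Added example (not Dradis code): a TLS client reads the first 5 bytes of the
# server's reply as a record header. An HTTP status line makes no sense there.

# Largest record length TLS 1.2 permits: 2^14 + 2048 bytes.
MAX_TLS_CIPHERTEXT = 2**14 + 2048
TLS_CONTENT_TYPES = { 20 => :change_cipher_spec, 21 => :alert,
                      22 => :handshake, 23 => :application_data }.freeze

# Parse the 5-byte TLS record header: type (1), version (2), length (2, big-endian).
def parse_record_header(bytes)
  raise ArgumentError, 'need at least 5 bytes' if bytes.bytesize < 5

  type, major, minor, length = bytes.byteslice(0, 5).unpack('CCCn')
  { type: type, version: [major, minor], length: length }
end

# Decide what kind of service produced the first bytes of a reply.
def classify_reply(bytes)
  return :plain_http if bytes.start_with?('HTTP/')

  hdr = parse_record_header(bytes)
  if TLS_CONTENT_TYPES.key?(hdr[:type]) && hdr[:version][0] == 3 &&
     hdr[:length] <= MAX_TLS_CIPHERTEXT
    :tls
  else
    :unknown
  end
end

# What a TLS stack sees when it reads the same bytes as a record header.
def misread_as_tls(bytes)
  hdr = parse_record_header(bytes)
  hdr.merge(too_long: hdr[:length] > MAX_TLS_CIPHERTEXT)
end

# Constructed samples: a plain-HTTP error reply and a TLS 1.2 handshake record header.
HTTP_REPLY = "HTTP/1.1 400 Bad Request\r\n".b
TLS_REPLY  = "\x16\x03\x03\x00\x5a".b

if __FILE__ == $PROGRAM_NAME
  p classify_reply(HTTP_REPLY)  # the port speaks http, not https
  p misread_as_tls(HTTP_REPLY)  # "P/" read as a length of 0x502F bytes
  p classify_reply(TLS_REPLY)
end
```

The bytes "HTTP/" decode as record type 0x48, version 0x54.0x54 and a length of 20527, which is over the 18432-byte limit, so the client gives up with a record-too-long error instead of saying that the port is not serving TLS.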


#5

Hi xavi,

There was a typo in the solution. Requesting you to change it.

Actual: * disable ssl: edit environment/profuction.rb and set config.force_ssl = false
Expected: * disable ssl: edit environment/production.rb and set config.force_ssl = false

Change: production instead of profuction


#6

@sboddepalli, thanks for catching that! I was able to fix the typo in @xavi’s response and I think all is well now. Anything else we can help with?


#7

@rachkor, Thank you for your ownership and prompt response.

Sincerely,
Sasi