Hi! I’m on MacOS Sonoma 14.4.1, and when I try to load many Spaces, such as MusicGen Web - a Hugging Face Space by Xenova, I get SSL_ERROR_RX_RECORD_TOO_LONG errors in Chrome and Firefox, so I have to use Safari, which I don’t otherwise.
CLI system curl shows the same error:
$ curl -IHEAD https://xenova-musicgen-web.static.hf.space/index.html
curl: (35) LibreSSL/3.3.6: error:1404B42E:SSL routines:ST_CONNECT:tlsv1 alert protocol version
Any ideas on what in your SSL config might be causing this?
I am experiencing the same thing on FF. Illusion Diffusion IllusionDiffusion - a Hugging Face Space by AP123
Although, another user has shared an image on the community section suggesting that they have used it recently.
Same here. I am experiencing the same error with a space I created recently.
‘Secure Connection Failed’ Error code: SSL_ERROR_RX_RECORD_TOO_LONG.
I tried to restart the space and even factory rebuilt it, but still not working. Any ideas to fix this error?
I’m running on Linux and both chrome and firefox get this as well. Started last week.
Are there any updates on this, @sgugger?
Hi everyone, a few folks have been experiencing this error; it seems to be related to ISP blocking. Could you please try and see if it’s related to Safe Browse?
curl -v http://test.hf.space/
https://discussions.apple.com/thread/250969982?sortBy=best
You are totally right, @radames. It is related to ISP blocking. I just changed my Internet provider, and I was able to access the Hugging Face Spaces. Thank you.
1 Like
As I mentioned above, I am seeing an error in curl.
$ curl -v https://test.hf.space/
* Trying 52.206.118.51:443...
* Connected to test.hf.space (52.206.118.51) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/cert.pem
* CApath: none
* LibreSSL/3.3.6: error:1404B42E:SSL routines:ST_CONNECT:tlsv1 alert protocol version
* Closing connection
curl: (35) LibreSSL/3.3.6: error:1404B42E:SSL routines:ST_CONNECT:tlsv1 alert protocol version
Unfortunately I have Comcast internet here in the US with no alternative.
could you also please try without s
curl -v http://test.hf.space/
Sure! I get a 301 redirect to HTTPS including the port number.
$ curl -v http://test.hf.space/
* Trying 54.83.186.239:80...
* Connected to test.hf.space (54.83.186.239) port 80
> GET / HTTP/1.1
> Host: test.hf.space
> User-Agent: curl/8.4.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Server: awselb/2.0
< Date: Mon, 15 Apr 2024 20:12:01 GMT
< Content-Type: text/html
< Content-Length: 134
< Connection: keep-alive
< Location: https://test.hf.space:443/
<
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
</body>
</html>
* Connection #0 to host test.hf.space left intact
I got a new one today; my first load of another Space I wanted to try gave me SSL_ERROR_BAD_MAC_READ before returning a number of SSL_ERROR_RX_RECORD_TOO_LONG on subsequent loads.
Here’s the output of my openssl CLI binary trying to connect.
$ openssl s_client -connect huggingfacem4-idefics-8b.hf.space:443
Connecting to 54.83.186.239
CONNECTED(00000007)
C0FAF6FC01000000:error:0A0000C6:SSL routines:tls_get_more_records:packet length too long:ssl/record/methods/tls_common.c:655:
C0FAF6FC01000000:error:0A000139:SSL routines::record layer failure:ssl/record/rec_layer_s3.c:650:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 348 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
The error SSL_ERROR_RX_RECORD_TOO_LONG occurs in Firefox, and it usually means that the browsers fail to validate the secure data, which happens when the SSL certificate needs to be configured correctly. For instance, it states that the website you are attempting to visit is unavailable “because the authenticity of the received data could not be verified.”
The SSL certificate’s improper configuration is the most typical issue, which prevents your browser from successfully establishing a connection with the server’s port. There are many different methods to solve the error, which can be helpful in solving the error. I hope it helps!
1 Like