Receiving unsupported_record_type TLS error in Phoenix logs

Hello,

Looking at my server log, I’m seeing a lot of messages like these ones:

19:08:55.477 [info] #PID<0.2406.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 243}
 
19:09:56.526 [info] #PID<0.2519.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 19}
 
19:11:01.055 [info] #PID<0.3346.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 76}
 
19:12:04.595 [info] #PID<0.3733.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 19}
 
19:14:21.683 [info] #PID<0.4141.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 19}
 
19:15:24.860 [info] #PID<0.5173.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 111}

22:32:43.331 [info] #PID<0.13379.44> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 3}

Does anyone knows what these messages mean?

I’m running Elixir 1.11.2 with Phoenix 1.5.3

Thanks!

If this is a public server, it can be someone scanning your app for vulnerabilities, or trying to do unencrypted HTTP requests on an HTTPS port by mistake, or otherwise sending invalid data for whatever reason.

Basically Erlang is saying it received nonsense data.

This makes sense, the server is indeed public, so it makes sense that someone may be trying to access it for one reason or another.

Thanks!

On the other side of things: I was getting this error as a warning log message because I was attempting to do SSL against an HTTP server that intentionally didn’t do secure connections.

This was the error message:

TLS :client: In state :hello at tls_record.erl:539 generated CLIENT ALERT: Fatal - Unexpected Message

* {:unsupported_record_type, 72}

Changing the connection to go through the default HTTP port instead of the HTTPS port stopped the warning logs.

I had this error message on my dev server after enabling self-signed ssl locally. I served https over a different port (4000 → http, 4001 → https) and my mistake was, that I entered http://localhost:4001 in the browser, instead of https. Since Chrome didn’t show the protocol it was easy to oversee.

3 Likes

You just saved me another few hours of wasted time :sweat_smile:

1 Like