Receiving unsupported_record_type TLS error in Phoenix logs

Hello,

Looking at my server log, I’m seeing a lot of messages like these ones:

19:08:55.477 [info] #PID<0.2406.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 243}
 
19:09:56.526 [info] #PID<0.2519.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 19}
 
19:11:01.055 [info] #PID<0.3346.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 76}
 
19:12:04.595 [info] #PID<0.3733.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 19}
 
19:14:21.683 [info] #PID<0.4141.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 19}
 
19:15:24.860 [info] #PID<0.5173.41> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 111}

22:32:43.331 [info] #PID<0.13379.44> :tls_record "validate_tls_records_type/8" "tls_record.erl" 539 
↳ TLS :server: In state :hello at tls_record.erl:539 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 3}

Does anyone knows what these messages mean?

I’m running Elixir 1.11.2 with Phoenix 1.5.3

Thanks!

1 Like

If this is a public server, it can be someone scanning your app for vulnerabilities, or trying to do unencrypted HTTP requests on an HTTPS port by mistake, or otherwise sending invalid data for whatever reason.

Basically Erlang is saying it received nonsense data.

2 Likes

This makes sense, the server is indeed public, so it makes sense that someone may be trying to access it for one reason or another.

Thanks!

On the other side of things: I was getting this error as a warning log message because I was attempting to do SSL against an HTTP server that intentionally didn’t do secure connections.

This was the error message:

TLS :client: In state :hello at tls_record.erl:539 generated CLIENT ALERT: Fatal - Unexpected Message

* {:unsupported_record_type, 72}

Changing the connection to go through the default HTTP port instead of the HTTPS port stopped the warning logs.

1 Like

I had this error message on my dev server after enabling self-signed ssl locally. I served https over a different port (4000 → http, 4001 → https) and my mistake was, that I entered http://localhost:4001 in the browser, instead of https. Since Chrome didn’t show the protocol it was easy to oversee.

8 Likes

You just saved me another few hours of wasted time :sweat_smile:

2 Likes

Hi,

I am currently having this issue and these are the common error lines I saw last in my logs that stopped the whole app:

20:15:27.010 [notice] TLS :server: In state :hello at tls_handshake.erl:346 generated SERVER ALERT: Fatal - Insufficient Security
 - :no_suitable_ciphers
20:23:56.937 [notice] TLS :server: In state :hello at tls_record.erl:564 generated SERVER ALERT: Fatal - Unexpected Message
 - {:unsupported_record_type, 5}
22:12:11.435 [notice] TLS :server: In state :hello at tls_handshake.erl:364 generated SERVER ALERT: Fatal - Protocol Version

Best wishes,
Jing Hui PANG