How to fix Invalid request (Unsupported SSL request)

Stefan Izdrail

Founder & Senior Architect · 2026-06-29

Laravel Company
Title: Resolving Invalid Request (Unsupported SSL Requests) for Laravel Applications Invalid Request (Unsupported SSL request) errors in your Laravel application may arise when trying to run `php artisan serve` and access the development server through a browser using HTTPS instead of HTTP. In this post, we'll explore how you can fix these issues by configuring the .htaccess file for appropriate redirects, enabling HTTPS, and managing your SSL certificates.

Enabling HTTP Redirections

Firstly, ensure that your Laravel application is configured to serve requests over HTTP by default. For this purpose, create an empty .htaccess file in the root directory of your project and add the following lines: ``` Options -MultiViews RewriteEngine On #Force Https #RewriteCond %{HTTPS} !=on #RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] ``` This will instruct Apache to redirect all incoming traffic from HTTPS to the corresponding HTTP requests. The `#Force Https` section is currently commented out but you can uncomment it if your project requires forced HTTPS connections. Next, check the .htaccess file for any inconsistencies that may be causing issues with your Laravel application's routing and redirects.

Managing SSL Certificates

If you are using an SSL certificate (also known as a TLS certificate) with your Laravel project, ensure that it is properly configured in the .htaccess file. For example: ``` # GZip Compression #mod_gzip_on Yes #mod_gzip_dechunk Yes #mod_gzip_item_include file .(html?|txt|css|js|php|xml|json|pl)$ #mod_gzip_item_include handler ^cgi-script$ #mod_gzip_item_include mime ^text/.* #mod_gzip_item_include mime ^application/x-javascript.* #mod_gzip_item_exclude mime ^image/.* #mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* ``` Alternatively, if you are not using an SSL certificate, comment out the `Force Https` section in your .htaccess file and follow these steps to enable HTTPS: 1. Create a new self-signed certificate with OpenSSL, for example: ```shell openssl req -new -x509 -days 3650 -subj "/CN=localhost" -keyout key.pem -out cert.pem ``` 2. Add the following lines to your .htaccess file: ``` # GZip Compression #mod_gzip_on Yes #mod_gzip_dechunk Yes #mod_gzip_item_include file .(html?|txt|css|js|php|xml|json|pl)$ #mod_gzip_item_include handler ^cgi-script$ #mod_gzip_item_include mime ^text/.* #mod_gzip_item_include mime ^application/x-javascript.* #mod_gzip_item_exclude mime ^image/.* #mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* RewriteEngine On #Force Https RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301] ``` 3. Enable SSL/TLS on your Laravel application's virtual host by adding the following lines to your server configuration files (e.g., Apache's httpd.conf): ``` SSLEngine On SSLCertificateFile /path/to/certificate/file/cert.pem SSLCertificateKeyFile /path/to/self-signed/key_file/key.pem ``` 4. Restart your server to apply the changes. Your Laravel development server should now be serving HTTPS requests, while your localhost is accessible over plain HTTP for easier testing and development purposes. In conclusion, following these steps will ensure that your Laravel application serves requests through HTTP by default, allowing you to work more efficiently without encountering invalid request (unsupported SSL request) errors. For a more detailed guide on configuring SSL certificates with Apache, please refer to the individual server configuration documentation.