[
https://issues.apache.org/jira/browse/GUACAMOLE-274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15979345#comment-15979345
]
Matt Prager commented on GUACAMOLE-274:
---------------------------------------
The Hash type. If you look over here and scroll down to the picture in the
middle, you'll see an image of SSL Labs Best Practices for IIS. Under Hashes
Enabled, you'll see all 5 hash types clicked. However, SPDY throws an error
unless MD5 and SHA are unselected and, as I mentioned before, Guacamole won't
connect over RDP unless SHA is selected, meaning SPDY and Guacamole are in
conflict and I'm forced to either having Guacamole work by enabling SHA but
getting a million SPDY errors on the web or having the web work fine but
Guacamole unable to connect to my computer over RDP.
> Guacamole SHA SPDY conflict
> ---------------------------
>
> Key: GUACAMOLE-274
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-274
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole
> Affects Versions: 0.9.12-incubating
> Environment: Ubuntu Xenial
> Reporter: Matt Prager
>
> I use Guacamole to RDP into Windows Server 2016 and noticed the following
> issue: with SHA disabled, Guacamole never logs in. With SHA enabled,
> Guacamole logs in but browsers that use SPDY throw insecure protocol errors.
> The is easily reproducible using IISCrypto as enabling SHA immediately allows
> Guacamole logon and disabling it then rebooting prevents it.
> My RDP security type is set to "any" if that matters.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
