necouchman commented on code in PR #805: URL: https://github.com/apache/guacamole-client/pull/805#discussion_r1126889213
########## guacamole-docker/README.md: ########## @@ -228,6 +228,49 @@ The process for doing this via the `sqlcmd` utilities included with SQLServer is documented in [the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-sqlserver). +Enabling guacd ssl +================ +This explains how to enable ssl between guacamole and guacd using a self signed certificat. + +1. Generate a new certificat +You need to create the new certificat on the guacd host. + +```shell +openssl genrsa -out /etc/guacd/server.key 2048 +openssl req -new -key /etc/guacd/server.key -out /etc/guacd/cert.csr +openssl x509 -in /etc/guacd/cert.csr -out /etc/guacd/server.crt -req -signkey /etc/guacd/server.key -days 3650 +openssl pkcs12 -export -in /etc/guacd/server.crt -inkey /etc/guacd/server.key -out /etc/guacd/server.p12 -CAfile ca.crt -caname root +``` +2. Configure guacd + +On debian, edit /etc/default/guacd and modify the following variables. +``` +# listen on all interface +LISTEN_ADDRESS=0.0.0.0 + +# certificats +DAEMON_ARGS=-C /etc/guacd/server.crt -K /etc/guacd/server.key +``` +restart guacd! Review Comment: This may be more suited for the Configuring guacd section of the user guide. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
