[
https://issues.apache.org/jira/browse/GUACAMOLE-1627?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17558384#comment-17558384
]
siva commented on GUACAMOLE-1627:
---------------------------------
[~mjumper]: correct, I'm not asking for a fix to something in guac itself.
[~vnick]: No disagreements with the options you suggested and yes this is more
of a "hack" honestly speaking but the options you suggested aren't really
feasible - 1) I could raise the issue with win 2019 server team/org but I have
no control on the timeline of the fix, 2) Can't really ask the customer to turn
off TLS1.3 on their servers just because the server is specifically messing
around with the FreeRDP client TLS handshake - note that the mstsc/ Microsoft's
Official RDP client connects just fine to the win 2019 server that has TLS1.2
and 1.3 enabled, so if you look at it that way, the patch/hack really achieves
feature parity with the official RDP client.
> Add support for forcing RDP connection to TLSv1.2
> -------------------------------------------------
>
> Key: GUACAMOLE-1627
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1627
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole-server
> Affects Versions: 1.4.0
> Reporter: siva
> Priority: Minor
>
> The FreeRDP lib, which gucamole depends on for RDP connections, fails to
> perform a proper handshake with a windows 2019 server when both TLS1.2 and
> TLS1.3 are enabled. A fix has been put in the FreeRDP lib (see Github link in
> External issue URL) to enforce TLSv1.2 during connection handshake.
> Gucamole server project needs to target the version of FreeRDP that has this
> fix.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
