You are configuring apache to use "http" and tomcat to listen for
"https".
You should remove the following parts and maybe change the port number
(in apache you have 8080 not 8443) to use "http" on tomcat.
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https"
secure="true"
clientAuth="false" sslProtocol="TLS"
/>
Or you can change apache to use "https" and adjust the port.
You also need to "proxy" the websocket in apache:
<Location /guacamole/websocket-tunnel>
ProxyPass ws://192.168.1.2:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://192.168.1.2:8080/guacamole/websocket-tunnel
</Location>
---
Paulo Alexandre Figueiredo Gonçalves
Departamento de Tecnologias de Informação e Comunicação (DTIC)
Email: [email protected] | Voip: 301103
Serviços Centrais
Rua da Misericórdia, Lagar dos Cortiços - S. Martinho do Bispo,
3045-093 Coimbra
Tel.: +351 239 791 250
Site:www.ipc.pt [1] | E-mail:[email protected]
A 2019-02-22 09:49, Nick Couchman escreveu:
> On Fri, Feb 22, 2019 at 4:04 AM Kamal Ezzaki <[email protected]> wrote:
>
>> Hello, I m using Guacamole1.0.0 in centos 7, I Read the Configuration Page
>> about Proxing Guacamole , i m using tomcat and i did added this
>> Configuration :
>> vi /etc/guacamole/apache.conf
>>
>> <Location /guacamole/>
>> Order allow,deny
>> Allow from all
>> ProxyPass http://192.168.1.2:8080/guacamole/ flushpackets=on
>> ProxyPassReverse http://192.168.1.2:8080/guacamole/
>> </Location>
>>
>> vi /etc/tomcat/server.xml
>>
>> <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
>> maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
>> clientAuth="false" sslProtocol="TLS"
>> />
>>
>> and than restart tomcat and restart guacd and when i try
>> https://192.168.1.2:8443/ give me innacessible
>
> You don't need to restart guacd, you need to restart Tomcat. Guacamole has
> two distinct components, Guacamole Server (guacd), which listens on port
> 4822, and Guacamole Client, which runs in Tomcat. Guacamole Client presents
> the Web interface in Tomcat, and connects to Guacamole server (guacd). The
> configuration you're changing above is the Tomcat configuration, so you need
> to restart Tomcat.
>
> Also, check and see if there is a firewall running on your system - if so,
> you'll need to open port 8443 on the firewall.
>
> Finally, while you can do TLS (HTTPS) support directly in Tomcat, most people
> don't - most people use a reverse proxy of some sort (httpd, nginx) to front
> the Tomcat configuration. There are a wide variety of reasons for this - one
> of them is that you normally cannot run Tomcat on a port lower than 1024
> (like 443) under a non-root account, and running Tomcat as root is a really
> bad idea. Instructions for proxying Guacamole Client behind httpd and nginx
> can be found in the manual:
>
> http://guacamole.apache.org/doc/gug/proxying-guacamole.html
>
> -Nick
Links:
------
[1] http://www.ipc.pt
