I can't completely answer your question but thought I'd drop in to say
that in the several instances of Guacamole I have running I always check
'ignore cert', IOW I consider this normal practice.
In my largest installation (~60 possible users), presently utilising
Guacamole 1.0.0., we have a mix of Win7 and Win10 machines. If I don't
check the box at least one group of machines fails to connect (it's
currently in use so I can't check for sure which group - or if it's both).
Given what I've read I suspect it occurs due to uncheckable self-signed
certs, but I've never pursued the 'why'. As I trust the machines I set
the specific connections up for within the internal network I don't see
the need to go much further in terms of security checking.
On 5/02/2020 5:00 a.m., Zer0Cool wrote:
Rebooted (though restarting services would likely work too) and got past the
home dir error, however I faced a new error (/var/log/messages) and RDP not
connecting:
guacd[9918]: Certificate validation failed
guacd: guacd[9918]: INFO:#011Certificate validation failed
guacd: guacd[9918]: ERROR:#011Error connecting to RDP server
guacd[9918]: Error connecting to RDP server
The client is a Windows 7 Pro box. I found that if I checked the box for
this connection labeled "Ignore server certificate" then I could connect to
this connection.
Any idea why this would be needed? Previously, Guac 1.0.0, freerdp 1.x,
CentOS 7.7 and the same Windows 7 client did not require this box to be
checked to connect.
What does the error actually mean? What certificate failed verification? IS
this correctable or is the only option to ignore the cert?
