Hi Mike, thanks for your reply. Communication between the web user on tomcat is already done. I was able to configure the reverse proxy in apache without any problems.
Now I want to do the configuration even between Tomcat and quacd. I put the option in properties: guacd-ssl: true I restarted tomcat I started quacd with the line: / usr / local / sbin / guacd -f -C /etc/httpd/certs/remoto-final.pem -K /etc/pki/tls/certs/remoto-key.pem -L debug & Log error guacd[14818]: Unable to set up SSL/TLS: SSL accept failed The certificates that I am informing in guacd are the same ones that I used for the tomcat ssl web What can I be wrong? Thanks Henri Em dom., 5 de jul. de 2020 às 20:13, Mike Jumper <mjum...@apache.org> escreveu: > First, if you are trying to set up SSL/TLS in front of the web > application, this is not the way. This affects only the (internal) > communication between Tomcat and guacd. > > Assuming this is indeed what you're looking for (you are trying to encrypt > the internal, non-user-facing communication between Tomcat and guacd), did > you set the corresponding properties in guacamole.properties? When > encrypting communication between Tomcat and guacd, both ends need to be > configured for this: > > > https://guacamole.apache.org/doc/gug/configuring-guacamole.html#initial-setup > > If you are just looking to encrypt the user-facing side of things, you > don't need to do any of this. You should instead look to set up Apache or > Nginx as a reverse proxy to provide SSL termination in front of Tomcat: > > https://guacamole.apache.org/doc/gug/proxying-guacamole.html > > - Mike > > On Sun, Jul 5, 2020, 16:07 Henri Alves de Godoy > <henri.go...@fca.unicamp.br.invalid> wrote: > >> I promise it's my last question for today ;-) >> >> When I put the certificate settings in guacd, I have in the log: >> >> Jul 5 20:00:34 guacd[14248]: Guacamole proxy daemon (guacd) version >> 1.2.0 started >> Jul 5 20:00:34 guacd[14248]: Communication will require SSL/TLS. >> Jul 5 20:00:34 guacd[14248]: Using PEM keyfile >> /etc/pki/tls/certs/cert-key.pem >> Jul 5 20:00:34 guacd[14248]: Using certificate file >> /etc/httpd/certs/cert-final.pem >> Jul 5 20:00:34 guacd[14248]: Listening on host 127.0.0.1, port 4822 >> >> However when establishing a connection to Windows via RDP, I can't. and >> appears in the log: >> >> guacd[14248]: ERROR: Unable to set up SSL/TLS: SSL accept failed >> guacd[14248]: ERROR: Unable to set up SSL/TLS: SSL accept failed >> guacd[14248]: ERROR: Unable to set up SSL/TLS: SSL accept failed >> >> Any tips on what might be happening? >> >> Thank you >> >> -- >> Henri Alves Godoy >> Tecnologia da Informação e Comunicação >> Faculdade de Ciências Aplicadas - FCA >> Universidade Estadual de Campinas - UNICAMP >> Fone: (19) 3701-6682 >> > -- -- Henri Alves Godoy Tecnologia da Informação e Comunicação Faculdade de Ciências Aplicadas - FCA Universidade Estadual de Campinas - UNICAMP Fone: (19) 3701-6682
