Hi Nick. It worked, it was that detail that was missing in Java certs.
There are so many details, :-) I'll have to write down all the steps here or set up an updated tutorial. I believe to be safe now, with SSL certified in the three phases of connection: - Tomcat Web User with proxy SSL - Tomcat with guacd SSL - Guacd with AD LDAP SSL Thank you all for your help. Henri. Em seg., 6 de jul. de 2020 às 09:30, Nick Couchman <[email protected]> escreveu: > On Sun, Jul 5, 2020 at 7:28 PM Henri Alves de Godoy > <[email protected]> wrote: > >> Hi Mike, thanks for your reply. >> >> Communication between the web user on tomcat is already done. I was able >> to configure the reverse proxy in apache without any problems. >> >> Now I want to do the configuration even between Tomcat and quacd. >> >> I put the option in properties: >> >> guacd-ssl: true >> >> I restarted tomcat >> >> I started quacd with the line: >> >> / usr / local / sbin / guacd -f -C /etc/httpd/certs/remoto-final.pem -K >> /etc/pki/tls/certs/remoto-key.pem -L debug & >> >> Log error >> >> guacd[14818]: Unable to set up SSL/TLS: SSL accept failed >> >> The certificates that I am informing in guacd are the same ones that I >> used for the tomcat ssl web >> >> What can I be wrong? >> >> > Is the certificate issuer in the Java trusted certificates store (cacerts) > for the Java version running Tomcat? > > -Nick > >> -- -- Henri Alves Godoy Tecnologia da Informação e Comunicação Faculdade de Ciências Aplicadas - FCA Universidade Estadual de Campinas - UNICAMP Fone: (19) 3701-6682
