I am looking to enable TLS between Guac and my Linux VM running XRDP. I have a cert on XRDP and when I connect with Windows I do not get the "this is an invalid cert trust window" so I know the cert is OK (it is provisioned by our local cert provider).
When I enable TLS on the connection in Guacamole I have to click on the "ignore cert" option for the connection to be accepted. Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: No known host keys provided, host identity will not be verified. Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: Loading keymap "base" Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: Loading keymap "en-us-qwerty" Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: Certificate validation failed Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: RDP server closed/refused connection: SSL/TLS connection failed (untrusted/self-signed certificate?) Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: User "@09c27536-0232-4d8a-9554-31f7a4ff5698" disconnected (0 users remain) Mar 7 18:43:47 mt02e1gws0005v guacd[2885]: Last user of connection "$84e6f47c-6fd4-4e46-88a9-55b1cd8d2ea9" disconnected How do I add our cert chain to Guacamole so it will accept our certs? I am using Tomcat 9 and tried to import the cert with keytool -import -alias saas_priv -file my_file.crt but is there a special keystore I have to specify? Thanks, Kevin Kevin Cameron Senior Cloud Orchestration Engineer [https://apps.kinaxis.com/email-signature/images/Kinaxis-logo-150px.png]<http://www.kinaxis.com/> O: +1 (343) 803-3972 | M: +1 (613) 850-3955 [https://apps.kinaxis.com/email-signature/images/icon-linkedin-32px-lightblue.png]<https://www.linkedin.com/company/kinaxis> [https://apps.kinaxis.com/email-signature/images/icon-twitter-32px-lightblue.png] <https://twitter.com/kinaxis> [https://apps.kinaxis.com/email-signature/images/icon-facebook-32px-lightblue.png] <http://www.facebook.com/Kinaxis> [https://apps.kinaxis.com/email-signature/images/icon-youtube-32px-lightblue.png] <http://www.youtube.com/user/KinaxisCorporate> [https://apps.kinaxis.com/email-signature/images/icon-instagram-32px-lightblue.png] <https://www.instagram.com/kinaxis/> Follow Kinaxis on LinkedIn <https://www.linkedin.com/company/kinaxis/> for the latest supply chain insights. Confidential. This email and any attachments hereto may contain private, confidential, and privileged material for the sole use of the addressee. Any review, copying, or distribution of this email (or any attachments thereto) by others is strictly prohibited. If you are not the intended recipient, please return this email to the sender immediately and permanently delete the original and any copies of this email and any of its attachments. Thank you.
