Hello.
I haven't used Let's Encrypt much, so sorry if I'm off the mark.
The Apache2 setting at the time of Let's Encrypt remained in the memo that was
set once.
It looks like you did something like this:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <DOMAIN>
ServerAlias www.<DOMAIN>
ServerAdmin info@<DOMAIN>
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.<DOMAIN>.log
CustomLog ${APACHE_LOG_DIR}/access.<DOMAIN>.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/piitpl.co.in/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/piitpl.co.in/privkey.pem
Proxy Requests off
<Location /guacamole/>
ProxyPass ajp://127.0.0.1:8009/guacamole/ keepalive=on
ProxyPassReverse ajp://127.0.0.1:8009/guacamole/
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-Port 443
ProxyPreserveHost On
</Location>
<Location /guacamole/websocket-tunnel>
Order allow, deny
Allow from all
ProxyPass ws://localhost:8080/guacamole/websocket-tunnel
ProxyPassReversews://localhost:8080/guacamole/websocket-tunnel
ProxyPreserveHost On
</Location>
</VirtualHost>
</IfModule>
I hope this helps.
Best Regards,
On 2023/05/23 火 午後 04:22, Eby Mani wrote:
Are there any proper guide on how to setup guacamole with apache2 https reverse
proxy ?.
I tried setting up guacamole with apache2, with "https://example-domain-name";
the default ubuntu apache2 webpage would open.
"https:///example-domain-name/guacamole"; will throw some certificate error. Had
to remove apache2 and setup guacamole with ngnix, reverse proxy is working fine over
https !!!!.
my old apache2 config,
1, /etc/apache2/sites-available/guacamole.html
2, enabled guacamole.html
3, disabled 000-default
4, restarted apache2
5, ran certbot --apache
6, restarted guacd, tomcat9 and apache2
contents of guacamole.html
<VirtualHost *:80>
ServerName "example-domain-name"
ServerAlias "example-domain-name"
Redirect permanent / https://example-domain-namee/
</VirtualHost>
<VirtualHost *:443>
ServerName "example-domain-name"
ServerAlias "example-domain-name"
<If "%{HTTP_HOST} == 'www.example-domain-name'">
Redirect permanent / https://"example-domain-name"/
</If>
ErrorLog /var/log/apache2/example-domain-name-error.log
CustomLog /var/log/apache2/example-domain-name-access.log combined
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/piitpl.co.in/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/piitpl.co.in/privkey.pem
<Location /guacamole/>
Order allow,deny
Allow from all
ProxyPass http://127.0.0.1:8080/guacamole/ flushpackets=on
ProxyPassReverse http://127.0.0.1:8080/guacamole/
</Location>
<Location /guacamole/websocket-tunnel>
Order allow,deny
Allow from all
ProxyPass ws://127.0.0.1:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://127.0.0.1:8080/guacamole/websocket-tunnel
</Location>
</VirtualHost>
Thanks,
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
