I second. I'm running the same setup with Apache but NGINX would work. I've had it running under my SSL for about 5months myself
On Fri, Jun 24, 2016 at 8:31 AM, Nick Couchman <[email protected]> wrote: > I use Apache HTTPD to do this, but the idea is the same. Nginx is pretty > light-weight, so might be a better option if all you're doing is the SSL > proxying, but Apache works fine, too. > > The Apache configuration is pretty simple - set up SSL, then use mod_proxy > with either HTTP or AJP protocols to redirect the traffic back to Tomcat. > Lots of instructions out there on how to accomplish this. > > -Nick > > On Jun 24, 2016, at 07:23, Bob Henderson <[email protected]> wrote: > > It's worth looking into. Allows easy SSL termination, and a higher level > of security due to minimal firewall/dmz interaction. I've had it running in > production for approx 6 months now, no issues. > > -Bob Henderson- > Technology Coordinator > Robotics Coach > Senior Drama Director > Lake Park Audubon Schools > 218.238.5914 ext 2030 > www.lakeparkaudubon.com > Check us out on Facebook! <http://www.facebook.com/lpa2889> > > On Fri, Jun 24, 2016 at 8:16 AM, Clinton Tonge < > [email protected]> wrote: > >> I like this idea…I’m not a pro in this type of application, but I’ll do >> some research. Thanks! >> >> >> *Clinton Tonge* >> SCADA and Asset Performance >> >> Northwind Solutions >> 1315 North Service Road East, Suite 300 >> Oakville, Ontario L6H 1A7 >> O: 905.829.5757 >> C: 519.835.1315 >> >> <image001.png> >> www.northwindsolutions.com >> >> On Jun 23, 2016, at 1:51 PM, Bob Henderson <[email protected]> >> wrote: >> >> I'd personally set it up behind an NGINX reverse proxy with ssl >> termination on the public IP, and just have all users use that? >> >> -Bob Henderson- >> Technology Coordinator >> Robotics Coach >> Senior Drama Director >> Lake Park Audubon Schools >> 218.238.5914 ext 2030 >> www.lakeparkaudubon.com >> Check us out on Facebook! <http://www.facebook.com/lpa2889> >> >> On Thu, Jun 23, 2016 at 12:47 PM, Clinton Tonge < >> [email protected]> wrote: >> >>> Is it possible for guacamole to listen on multiple hosts and ports? I >>> have it currently working without encryption on a private VPN virtual >>> adapter for my internal users, and I’d also like to have it accessible with >>> SSL via a public static IP on my server for a few outside users. Or do I >>> need to setup a second instance to handle this other access method... >>> >>> Cheers, >>> Clint. >>> >>> >>> *Clinton Tonge* >>> SCADA and Asset Performance >>> >>> Northwind Solutions >>> 1315 North Service Road East, Suite 300 >>> Oakville, Ontario L6H 1A7 >>> O: 905.829.5757 >>> C: 519.835.1315 >>> >>> <image001.png> >>> www.northwindsolutions.com >>> >>> >> >> > > ------------------------------ > > This e-mail may contain SEAKR Engineering (SEAKR) Confidential and > Proprietary Information. If this message is not intended for you, you are > strictly prohibited from using this message, its contents or attachments in > any way. If you have received this message in error, please delete the > message from your mailbox. This e-mail may contain export-controlled > material and should be handled accordingly. > --
