As Jordi recommended you can add haproxy or nginx (or any other reverse proxy server) between INTERNET and GUACAMOLE to do SSL offload, i.e.:
INTERNET -- ^REVERSE PROXY w/ SSL^ --GUACAMOLE (or what ever) -- HTTP INTRANET SERVER -- LINKS TO OTHER HTTP INTRANET SERVER Thank you, -- Dmitri Chebotarov ITS/SSG @ GMU 223 Aquia Building, Ffx, MSN: 1B5 [https://goo.gl/maps/w2nCJ6APrHC2] Phone: (703) 993-6175 | Fax: (703) 993-3404 Public key: [https://goo.gl/SlE8tj] > On Aug 31, 2016, at 9:33 , Koch Andreas <[email protected]> wrote: > > > I need this: > > INTERNET -- GUACAMOLE (or what ever) -- HTTP INTRANET SERVER -- LINKS TO > OTHER HTTP INTRANET SERVER > > Cisco ASA Clientless WEBvpn or Sophos , ... do this. There, the LINKS are > translated . > > Intranet Link on webserver: intranet2.intranet.de > Client see the Link: > https://vpn.Intranetserver/+CSCO+0h75676763663A2F2F636E65676172652E756E6873722E71723A343433++/TEST/useService?sid=12 > > Hope I could explain it understandable. > > Thanks > > Andreas > > >> -----Ursprüngliche Nachricht----- >> Von: Paraire Andrés, Jordi Jesús [mailto:[email protected]] >> Gesendet: Mittwoch, 31. August 2016 15:24 >> An: [email protected] >> Betreff: RE: Support HTTP/S Protocol? >> >> Hi, >> >> My usual setup is to install a haproxy at port 443, and handle the >> certificates at haproxy >> layer. >> >> INTERNET -- HTTPS -- HAPROXY HANDLING CERTIFICATES -- HTTP -- GUACAMOLE >> >> Hope this is useful for you. >> >> Best regards, >> Jordi. >> >> >> >> >> -----Mensaje original----- >> De: Koch Andreas [mailto:[email protected]] >> Enviado el: miércoles, 31 de agosto de 2016 15:13 >> Para: [email protected] >> Asunto: Support HTTP/S Protocol? >> >> Hello, >> >> supports guacamole also the http/s protocol? >> >> We want to access a https intranet server . This has however, links to other >> web servers >> which are also only internally accessible . >> >> Sophos appliance can do this . How this is implemented there ? >> >> Many Thanks, Andreas >> >> Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, >> contiene >> información de carácter confidencial exclusivamente dirigida a su >> destinatario o >> destinatarios. Si no es vd. el destinatario indicado, queda notificado que >> la lectura, >> utilización, divulgación y/o copia sin autorización está prohibida en virtud >> de la >> legislación vigente. En el caso de haber recibido este correo electrónico >> por error, se >> ruega notificar inmediatamente esta circunstancia mediante reenvío a la >> dirección >> electrónica del remitente. >> Evite imprimir este mensaje si no es estrictamente necesario. >> >> This email and any file attached to it (when applicable) contain(s) >> confidential >> information that is exclusively addressed to its recipient(s). If you are >> not the >> indicated recipient, you are informed that reading, using, disseminating >> and/or copying it >> without authorisation is forbidden in accordance with the legislation in >> effect. If you >> have received this email by mistake, please immediately notify the sender of >> the situation >> by resending it to their email address. >> Avoid printing this message if it is not absolutely necessary.
signature.asc
Description: Message signed with OpenPGP using GPGMail
