OK! That seemed to work… But now there another error. When trying to connect to a machine it says “ The remote desktop server is currently unreachable. If the problem persists, please notify your system administrator, or check your system logs.”
And catalina.out says- “Thu Oct 12 14:19:21 EDT 2017 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. I don’t think the SQL error is causing the problem, but I might be wrong.. Thanks! Carter Sema Network Support Specialist [email protected]<mailto:[email protected]> [CertBadge_Administrator_web] From: Nick Couchman [mailto:[email protected]] Sent: Thursday, October 12, 2017 12:57 PM To: [email protected] Subject: Re: Guacamole Dropping Connections On Thu, Oct 12, 2017 at 12:52 PM, Carter Sema <[email protected]<mailto:[email protected]>> wrote: Installed Fresh Guacamole 0.9.13, using mysql database backend for user and LetsEncrypt! For SSL with Apache2 for a reverse proxy. Guacamole won’t allow sessions to connect. Checked my catalina.out log and I’m seeing the following error 12:05:27.501 [http-nio-8080-exec-1] ERROR o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target 12:06:26.882 [http-nio-8080-exec-9] ERROR o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target This seems to indicate that Java does not trust whatever certificate you're using. You might need to import either the server certificate or the root certificate for that server cert into the Java keystore. This will vary based on what type/version of Java you're using - in the Sun/Oracle versions of Java, if you look in the JRE base directory, under lib/security, you'll find a cacerts file that contains known CA certificates. You can use the keytool binary to import your certificate(s) into that file, then restart Tomcat. OpenJDK maintains a file somewhere else, and that depends on what Linux distribution you're using. -Nick
