guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maxime De Cuypere <jeanned...@gmail.com>
Subject TLS between Guacd and Tomcat throwing error
Date Thu, 20 Oct 2016 21:09:47 GMT
Hi everyone

I've been trying for few days to setup TLS between the client and the
server butI end up with the following error :

Oct 20 23:06:45 debian guacd[1010]: Unable to set up SSL/TLS: SSL accept
failed

Here is the startup log which shows TLS support and successful startup :


Oct 20 23:05:21 debian systemd[1]: Starting LSB: Guacamole proxy daemon...
Oct 20 23:05:21 debian guacd[1007]: Guacamole proxy daemon (guacd) version
0.9.9 started
Oct 20 23:05:21 debian guacd[1005]: Starting guacd: guacd[1007]:
INFO:#011Guacamole proxy daemon (guacd) version 0.9.9 started
Oct 20 23:05:21 debian guacd[1007]: Unable to bind socket to host ::1, port
4822: Address family not supported by protocol
Oct 20 23:05:21 debian guacd[1007]: Successfully bound socket to host
127.0.0.1, port 4822
Oct 20 23:05:21 debian guacd[1007]: Communication will require SSL/TLS.
Oct 20 23:05:21 debian guacd[1005]: guacd[1007]: DEBUG:#011Unable to bind
socket to host ::1, port 4822: Address family not supported by protocol
Oct 20 23:05:21 debian guacd[1005]: guacd[1007]: DEBUG:#011Successfully
bound socket to host 127.0.0.1, port 4822
Oct 20 23:05:21 debian guacd[1005]: guacd[1007]: INFO:#011Communication
will require SSL/TLS.
Oct 20 23:05:21 debian guacd[1007]: Using PEM keyfile
/etc/ssl/private/guacd.key
Oct 20 23:05:21 debian guacd[1005]: guacd[1007]: INFO:#011Using PEM keyfile
/etc/ssl/private/guacd.key
Oct 20 23:05:21 debian guacd[1007]: Using certificate file
/etc/ssl/certs/guacd.crt
Oct 20 23:05:21 debian guacd[1005]: guacd[1007]: INFO:#011Using certificate
file /etc/ssl/certs/guacd.crt
Oct 20 23:05:21 debian guacd[1007]: Exiting and passing control to PID 1008
Oct 20 23:05:21 debian guacd[1005]: guacd[1007]: DEBUG:#011Exiting and
passing control to PID 1008
Oct 20 23:05:21 debian guacd[1005]: SUCCESS
Oct 20 23:05:21 debian systemd[1]: Started LSB: Guacamole proxy daemon.
Oct 20 23:05:21 debian guacd[1008]: Exiting and passing control to PID 1009
Oct 20 23:05:21 debian guacd[1005]: guacd[1008]: DEBUG:#011Exiting and
passing control to PID 1009
Oct 20 23:05:21 debian guacd[1009]: Listening on host 127.0.0.1, port 4822


Here is my guacd.conf :

[daemon]

pid_file = /var/run/guacd.pid
log_level = debug

[server]

bind_host = localhost
bind_port = 4822

#
# The following parameters are valid only if
# guacd was built with SSL support.
#

[ssl]

server_certificate = /etc/ssl/certs/guacd.crt
server_key = /etc/ssl/private/guacd.key

The cert and key generation:

openssl req -newkey rsa:4096 -nodes -sha512 -x509 -days 3650 -nodes -out
/etc/ssl/certs/guacd.crt -keyout /etc/ssl/private/guacd.key

And then the content of my guacamole.properties shows that TLS is enabled :

guacd-ssl: true

Do you guys have any clue where the problem is ?

Thanks

Mime
View raw message