guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wouterve <>
Subject unable to use websocket - HTTP tunnel instead
Date Wed, 20 Dec 2017 14:43:56 GMT
This is a continuation from my  previous post
as it was getting a little messy. 
So here is my problem:

Guacamole is not using websocket but http-tunnel instead eventhough I have
set up a proxy with Apache.

Here is the output from /var/lib/tomcat7/logs/catalina.out:

> 16:19:18.001 [http-bio-8080-exec-10] INFO 
> o.a.g.r.auth.AuthenticationService - User "vaneenw" successfully
> authenticated from
> Wed Dec 20 16:19:18 CET 2017 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be
> established by default if explicit option isn't set. For compliance with
> existing applications not using SSL the verifyServerCertificate property
> is set to 'false'. You need either to explicitly disable SSL by setting
> useSSL=false, or set useSSL=true and provide truststore for server
> certificate verification.
> 16:19:18.351 [http-bio-8080-exec-13] INFO 
> o.a.g.tunnel.TunnelRequestService - User "vaneenw" connected to connection
> "1".
> 16:19:18.354 [http-bio-8080-exec-13] INFO 
> o.a.g.tunnel.TunnelRequestService - User "vaneenw" disconnected from
> connection "1". Duration: 3 milliseconds
> 16:19:18.552 [http-bio-8080-exec-7] INFO 
> o.a.g.tunnel.TunnelRequestService - User "vaneenw" connected to connection
> "1".
> 16:19:18.552 [http-bio-8080-exec-7] INFO 
> o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not
> WebSocket). Performance may be sub-optimal.

With Apache, I have done the following configuration:

1-enable mod_proxy & mod_proxy_wstunnel

>  sudo a2enmod proxy_wstunnel   (this also enables mod_proxy..)
> sudo a2enmod proxy_http
> sudo a2enmod headers
> sudo a2enmod rewrite
> sudo a2enmod proxy_html
> sudo a2enmod deflate

(I'm not sure whether the other mods beside the first one are really
necessary but doesn't harm to enable too much it seems to me..)

Then I've changed my apache virtual host file:
(as desbribed by the  guacamole documentation

> <VirtualHost *:80>
> ServerName name
> 	ServerAdmin webmaster@localhost
> 	DocumentRoot /var/www/html
> 	ProxyRequests on
> <Proxy *=""/>
>         Order allow,deny
>         Allow from all
> </Proxy>
> <Location /guacamole/>
>     Order allow,deny
>     Allow from all
>     ProxyPass http://localhost:8080/guacamole/ flushpackets=on
>     ProxyPassReverse http://localhost:8080/guacamole/
> </Location>
> <Location /guacamole/websocket-tunnel>
>    Order allow,deny
>    Allow from all
>    ProxyPass ws://localhost:8080/guacamole/websocket-tunnel
>    ProxyPassReverse ws://localhost:8080/guacamole/websocket-tunnel
> </Location>
> </VirtualHost>

(note: once websocket is working I will adapt the <proxy> config so that
only local requests are accepted)

Thus far, I haven't succeeded in establishing connection with guacomole
through websocket which results in very laggy response from the remote
Only exception is when I log into guacamole from the server itself, then I
have a websocket and optimal performance so problem is within proxying I

I have to add I don't use SSL certificates (use port 80) as can also be
found in the tomcat log (see above). Could this also have to do something
with it? 

Can someone help me with configuration please?

kind regards,


Sent from:

View raw message