It was a good idea, Alessandro, but it didn’t work. I changed the VirtualHost
block:
<VirtualHost *:4443>
ServerName server
DocumentRoot /mnt/raid5/webserver/sites/MOserver
Header always unset X-Frame-Options
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Location /guacamole/>
Order allow,deny
Allow from all
ProxyPass http://127.0.0.1:8080/guacamole/ flushpackets=on
ProxyPassReverse http://127.0.0.1:8080/guacamole/
</Location>
<Location /websocket-tunnel>
Order allow,deny
Allow from all
#Require all granted
ProxyPass ws://127.0.0.1:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://127.0.0.1:8080/guacamole/websocket-tunnel
</Location>
SSLEngine on
SSLCertificateFile /root/.acme.sh/*.mountolive.com/fullchain.cer
SSLCertificateKeyFile
/root/.acme.sh/*.mountolive.com/*.mountolive.com.key
</VirtualHost>
I restarted apache and tried to access guacamole, but it generated the same Not
Found message.
> On Dec 19, 2022, at 12:24 PM, Alessandro Sironi <a.sir...@me.com.INVALID>
> wrote:
>
> Oh, that’s for sure, that’s why I had wrote “ you can change
> guacamole.mountolive.com <http://guacamole.mountolive.com/> with what you
> want/like.” I meant exatly this, the “big mistake”, IMHO, is in the
> “<VirtualHost localhost:4443>”, here you are autoryzing only “localhost” to
> visit that vhost, here why I suggest to use the wildcard.
> Best regards,
> Alessandro
>
> Inviato da iPhone
>
>> Il giorno 19 dic 2022, alle ore 19:32, Dan Nessett
>> <dness...@yahoo.com.invalid> ha scritto:
>>
>> Thanks Alessandro. However, I don’t think this will work, since the
>> ServerName is tied to DNS and the DNS name of the server is:
>> server.mountolive.com <http://server.mountolive.com/>. There is no DNS
>> record that would satisfy guacamole.mountolive.com
>> <http://guacamole.mountolive.com/>.
>>
>> Dan
>>
>>> On Dec 19, 2022, at 11:24 AM, Alessandro Sironi <a.sir...@me.com.INVALID
>>> <mailto:a.sir...@me.com.INVALID>> wrote:
>>>
>>> I would try with:
>>>
>>> <VirtualHost *:4443>
>>> ServerName guacamole.mountolive.com
>>> <http://guacamole.mountolive.com/>
>>> ...................
>>> </VirtualHost>
>>>
>>> Where "..................." means to use your actual content, you can
>>> change guacamole.mountolive.com <http://guacamole.mountolive.com/> with
>>> what you want/like.
>>> Remember to restart apache after you have edit the file.
>>>
>>> Best regards,
>>>
>>> Alessandro
>>>
>>> Il 19/12/2022 19:09, Dan Nessett ha scritto:
>>>> Thanks for your reply. In the access log, '127.0.0.1 - -
>>>> [19/Dec/2022:10:06:19 -0700] "GET /guacamole HTTP/1.1” 404’ is a URL not
>>>> found error (see below). However, there is nothing in the log to suggest
>>>> why it isn’t found. The sites-enabled/000-default.conf file is (leaving
>>>> out commented out blocks):
>>>>
>>>> <VirtualHost localhost:4443>
>>>> ServerName server
>>>> DocumentRoot /mnt/raid5/webserver/sites/MOserver
>>>> Header always unset X-Frame-Options
>>>>
>>>> ErrorLog ${APACHE_LOG_DIR}/error.log
>>>> CustomLog ${APACHE_LOG_DIR}/access.log combined
>>>>
>>>> <Location /guacamole/>
>>>> Order allow,deny
>>>> Allow from all
>>>> ProxyPass http://127.0.0.1:8080/guacamole/
>>>> <http://127.0.0.1:8080/guacamole/> flushpackets=on
>>>> ProxyPassReverse http://127.0.0.1:8080/guacamole/
>>>> <http://127.0.0.1:8080/guacamole/>
>>>> </Location>
>>>>
>>>> <Location /websocket-tunnel>
>>>> Order allow,deny
>>>> Allow from all
>>>> #Require all granted
>>>> ProxyPass ws://127.0.0.1:8080/guacamole/websocket-tunnel
>>>> <ws://127.0.0.1:8080/guacamole/websocket-tunnel>
>>>> ProxyPassReverse ws://127.0.0.1:8080/guacamole/websocket-tunnel
>>>> <ws://127.0.0.1:8080/guacamole/websocket-tunnel>
>>>> </Location>
>>>>
>>>> SSLEngine on
>>>> SSLCertificateFile /root/.acme.sh/*.mountolive.com/fullchain.cer
>>>> <http://mountolive.com/fullchain.cer>
>>>> SSLCertificateKeyFile
>>>> /root/.acme.sh/*.mountolive.com/*.mountolive.com.key
>>>> <http://mountolive.com/*.mountolive.com.key>
>>>> </VirtualHost>
>>>>
>>>> Is there anything obvious why apache doesn’t find guacamole?
>>>>
>>>> For completeness, apache is passing the syntax of the config file:
>>>>
>>>> dnessett@Mount:~$ sudo apache2ctl configtest
>>>> Syntax OK
>>>> dnessett@Mount:~$
>>>>
>>>> dnessett@Mount:/var/log/apache2$ ls -al
>>>> total 72
>>>> drwxr-x--- 2 root adm 4096 Dec 19 09:13 .
>>>> drwxrwxr-x 16 root syslog 4096 Dec 19 09:13 ..
>>>> -rw-r----- 1 root adm 1633 Dec 19 10:12 access.log
>>>> -rw-r----- 1 root adm 11678 Dec 18 18:46 access.log.1
>>>> -rw-r----- 1 root adm 3066 Dec 17 18:48 access.log.2.gz
>>>> -rw-r----- 1 root adm 682 Dec 16 16:32 access.log.3.gz
>>>> -rw-r----- 1 root adm 319 Dec 15 22:52 access.log.4.gz
>>>> -rw-r----- 1 root adm 405 Dec 19 09:13 error.log
>>>> -rw-r----- 1 root adm 3822 Dec 19 09:13 error.log.1
>>>> -rw-r----- 1 root adm 2338 Dec 18 13:31 error.log.2.gz
>>>> -rw-r----- 1 root adm 1101 Dec 17 06:09 error.log.3.gz
>>>> -rw-r----- 1 root adm 550 Dec 15 22:53 error.log.4.gz
>>>> -rw-r----- 1 root adm 298 Dec 14 22:18 error.log.5.gz
>>>> -rw-r----- 1 root adm 0 Dec 19 09:13 other_vhosts_access.log
>>>> -rw-r----- 1 root adm 954 Dec 18 14:52 other_vhosts_access.log.1
>>>> -rw-r----- 1 root adm 183 Dec 17 08:34 other_vhosts_access.log.2.gz
>>>> -rw-r----- 1 root adm 203 Dec 16 16:20 other_vhosts_access.log.3.gz
>>>> dnessett@Mount:/var/log/apache2$ cat error.log
>>>> [Mon Dec 19 09:13:02.827821 2022] [ssl:warn] [pid 1196] AH01909:
>>>> server:443:0 server certificate does NOT include an ID which matches the
>>>> server name
>>>> [Mon Dec 19 09:13:02.828265 2022] [mpm_prefork:notice] [pid 1196] AH00163:
>>>> Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal
>>>> operations
>>>> [Mon Dec 19 09:13:02.828279 2022] [core:notice] [pid 1196] AH00094:
>>>> Command line: '/usr/sbin/apache2'
>>>> dnessett@Mount:/var/log/apache2$ cat access.log
>>>> 127.0.0.1 - - [19/Dec/2022:09:58:35 -0700] "GET / HTTP/1.1" 200 5795 "-"
>>>> "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36
>>>> (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
>>>> 127.0.0.1 - - [19/Dec/2022:09:58:44 -0700] "GET /phpinfo.php HTTP/1.1" 200
>>>> 29026 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)
>>>> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
>>>> 127.0.0.1 - - [19/Dec/2022:09:58:55 -0700] "GET /guacamole HTTP/1.1" 404
>>>> 893 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)
>>>> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
>>>> 127.0.0.1 - - [19/Dec/2022:09:59:15 -0700] "-" 408 335 "-" "-"
>>>> 127.0.0.1 - - [19/Dec/2022:10:06:19 -0700] "GET /guacamole HTTP/1.1" 404
>>>> 5816 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)
>>>> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
>>>> 127.0.0.1 - - [19/Dec/2022:10:06:19 -0700] "GET /favicon.ico HTTP/1.1" 304
>>>> 203 "https://server.mountolive.com:xxxxx/guacamole
>>>> <https://server.mountolive.com:xxxxx/guacamole>" "Mozilla/5.0 (Macintosh;
>>>> Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)
>>>> Chrome/108.0.0.0 Safari/537.36"
>>>> 127.0.0.1 - - [19/Dec/2022:10:06:39 -0700] "-" 408 5258 "-" "-"
>>>> 127.0.0.1 - - [19/Dec/2022:10:06:39 -0700] "-" 408 335 "-" "-"
>>>> 127.0.0.1 - - [19/Dec/2022:10:12:01 -0700] "GET / HTTP/1.1" 200 5795 "-"
>>>> "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15
>>>> (KHTML, like Gecko) Version/16.0 Safari/605.1.15"
>>>> 127.0.0.1 - - [19/Dec/2022:10:12:14 -0700] "GET /guacamole HTTP/1.1" 404
>>>> 5816 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)
>>>> AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15"
>>>> dnessett@Mount:/var/log/apache2$ cat other_vhosts_access.log
>>>> dnessett@Mount:/var/log/apache2$
>>>>
>>>> sudo lsof -i -P -n | grep LISTEN
>>>> [sudo] password for dnessett:
>>>> systemd-r 774 systemd-resolve 13u IPv4 17984 0t0 TCP
>>>> 127.0.0.53:53 (LISTEN)
>>>> sslh 986 sslh 3u IPv4 23025 0t0 TCP *:443
>>>> (LISTEN)
>>>> vsftpd 988 root 3u IPv6 22945 0t0 TCP *:21
>>>> (LISTEN)
>>>> sslh 1100 sslh 3u IPv4 23025 0t0 TCP *:443
>>>> (LISTEN)
>>>> sshd 1143 root 3u IPv4 27176 0t0 TCP *:22
>>>> (LISTEN)
>>>> sshd 1143 root 4u IPv6 27178 0t0 TCP *:22
>>>> (LISTEN)
>>>> mysqld 1190 mysql 27u IPv4 27023 0t0 TCP
>>>> 127.0.0.1:3306 (LISTEN)
>>>> apache2 1196 root 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> guacd 1450 root 4u IPv4 27919 0t0 TCP
>>>> 127.0.0.1:4822 (LISTEN)
>>>> apache2 1897 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> apache2 1898 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> apache2 1899 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> apache2 1900 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> apache2 1902 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> cupsd 1910 root 6u IPv6 34562 0t0 TCP [::1]:631
>>>> (LISTEN)
>>>> cupsd 1910 root 7u IPv4 34563 0t0 TCP
>>>> 127.0.0.1:631 (LISTEN)
>>>> java 2234 tomcat 41u IPv6 58159 0t0 TCP *:8080
>>>> (LISTEN)
>>>> apache2 2291 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> apache2 2292 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> apache2 2360 www-data 4u IPv6 25965 0t0 TCP *:4443
>>>> (LISTEN)
>>>> dnessett@Mount:~$
>>>>
>>>> Thanks for any help you can give.
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
>>>> <mailto:user-unsubscr...@guacamole.apache.org>
>>>> For additional commands, e-mail: user-h...@guacamole.apache.org
>>>> <mailto:user-h...@guacamole.apache.org>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
>>> <mailto:user-unsubscr...@guacamole.apache.org>
>>> For additional commands, e-mail: user-h...@guacamole.apache.org
>>> <mailto:user-h...@guacamole.apache.org>
>>>
>>
