On Fri, Nov 17, 2023 at 6:43 AM Remush <[email protected]> wrote:
> Hey there! > > If I want to use my guacamole with HTTPS, do I have to set my certificate > in the guacd.conf file with the key and also set the ssl feature in the > guacamole.properties? > No, this does not enable HTTPS - guacd does not provide the HTTP/WebSocket component of the application. Tomcat provides HTTP and WebSocket, and if you want TLS encryption (HTTPS and/or WSS), you need to either 1) enable HTTPS support in Tomcat, or 2) put a reverse proxy in front of Tomcat. Proxying Tomcat is the more popular option, and is covered in this section of the manual: https://guacamole.apache.org/doc/gug/reverse-proxy.html The settings you mentioned in guacd.conf and guacamole.properties allow you to encrypt traffic between Tomcat (the web application) and guacd, which is useful for situations where guacd and Tomcat and running on different systems, to protect that traffic, which would otherwise be plain-text/image. -Nick >
