I'm using guacamole () to access (parts of) my home (Debian) computer clientless, on the go.
From my work computer (University Network) the screen is however not updating and only shows "Connecting, waiting for first update...". According to the FAQ () this is likely due to a proxy between my home and my work computer not flushing it's buffer, and can be solved by using https.
I did that by: (1) Creating my own certificate following () and adding to a keystore-file (2) Adding to the tomcat6 server.xml:
<Connector protocol="org.apache.coyote.http11.Http11Protocol" port="8443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="/usr/share/tomcat/.keystore" keystorePass="mypassword" clientAuth="false" sslProtocol="TLS"/>(3) Adding to the guacd config file:
guacd-ssl: trueI can actually access and login, yet, when I try to actually open a session (i.e. view my home-desktop) I get Server error (in quacamole design, not like a browser or http error message) in my browser window. At the same time the tomcat-log file states:
SEVERE: Server error in tunnel
[...] PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target(full log available at )
31 Answer
Have you tried removing/commenting:
guacd-ssl: true
on guacd config file...
This worked for me.
