0

i'm trying to figure out how and where to set right configuration to get working SSL beetween guacd and server guacamole (tomcat web srv).

I am using docker solution environment and i am bit confused where put right configuration. Let me explain what i've understood and hope someone can clarify me.

  • guacamole.properties and guacd.conf has to be on same $GUACAMOLE_HOME dir (guacamole container)? or guacamole.properties has to be put inside guacamole container and guacd.conf inside guacd container? (If Yes, under which directory, in guacd container?)

Below container commands :

docker run --name guacd_ssl --restart=always -v /opt/docker_data/guacd:/opt/local -e GUACD_LOG_LEVEL=debug -p 57822:4822 -d guacamole/guacd

docker run --name guacamole-1.2.0-SSL --restart=always -e MYSQL_DATABASE=guacamole_db -e MYSQL_USER=guacamole_user -e MYSQL_PASSWORD=password -e --link guacd_ssl:guacd --link db_guacamole:mysql -v /opt/docker_data/guacamole:/opt/local -e GUACAMOLE_HOME=/opt/local -e GUACD_PORT=57822 -e GUACD-SSL=true -d -p 8090:8080 guacamole/guacamole:latest

Now, certificates where are to be putted? in /opt/docker_data/guacamole (host dir) or into /opt/docker_data/guacd (host dir) ?

Configuration files:

guacd.conf

[ssl]

server_certificate = /opt/local/cert.pem
server_key = /opt/local/key.pem

guacamole.properties

guacd-ssl: true

Can you help me understand? Regards

Agiftel Longwave
  • 47
  • 1
  • 9

1 Answers1

2

To enable SSL for guacd in docker environment, you will need to copy SSL certificate and key into the guacd container. You can do so by creating a customized image atop of the guacd image or via volume mount. If you want to take the first option, you can find guacd Dockerfile at here.

guacamole-properties and guacd.conf are two different files.

guacamole-properties is the configuration file for guacamole-client while guacd.conf is the configuration file for guacamole-server(guacd). Usually, you will place both files in /etc/guacamole/. For docker, the situation is slightly different.

In docker, the default GUACAMOLE_HOME for the guacamole-client container is located at /root/.guacamole. You can find the guacamole.properties file here.

For guacd, you can place your guacd.conf in /etc/guacamole/.

For the certificate and key, you can place it anywhere you like as long as you mentioned the path in guacd.conf.

Song Lim
  • 298
  • 3
  • 11
  • Hi, you said ti Place guacd.conf under /etc/guacamole. Ok, but in wichc container? I am using 2 different container, One for guacamole client and One for guacamole server. – Agiftel Longwave Sep 09 '20 at 11:43
  • Solved! I had to create /etc/guacamole folder under "guacd container" and put guacd.conf under that folder. Then all is running now! Thank you @Song for your hints. – Agiftel Longwave Sep 09 '20 at 14:11