Vnc with https, not using wss but ws

osallou · June 30, 2016, 9:18am

Hi,
I am accessing sunstone (one 4.8) via an HTTPS proxy.
when trying to access VNC, it fails because it tries to connect to ws instead of wss:

websock.js:285 Mixed Content: The page at ‘https://use-genocloud.genouest.org/’ was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint ‘ws://localhost:17523/’. This request has been blocked; this endpoint must be available over WSS.

However, in sunstone config I have:

:vnc_proxy_support_wss: only
:vnc_proxy_cert: /x/y.crt
:vnc_proxy_key: /x/y.key

and proxy server is running with:

root 30469 1 0 11:09 pts/3 00:00:00 python /usr/share/one/websockify/websocketproxy.py --target-config=/var/lib/one/sunstone_vnc_tokens --cert /x/y.crt --key /x/y.key --ssl-only 29876

osallou · June 30, 2016, 9:27am

Setting VNC_WSS to yes in user preference works.
However, how can I set this as default for all users ?

wilma_hermann · July 5, 2016, 8:48am

I don’t know whether there is a config option for that. Maybe change the setting with a hook?
Or you could make your HTTPS proxy deliver an HSTS header. Then the user’s browser will automatically upgrade all ws-connections to wss-connections.

Topic		Replies	Views
VNC noVNC ready: native WebSockets, canvas rendering Community Support	1	2770	January 3, 2018
VNC is not working Community Support	1	463	September 23, 2021
VNC with Sunstone behind Nginx Proxy Community Support	27	14268	February 13, 2017
VNC doen't work with https Community Support	1	933	January 8, 2018
Sunstone with Nginx Proxy - Working Configuration GUI - Sunstone	7	2788	December 14, 2021

Vnc with https, not using wss but ws

Related topics