Unable to disable https redirect for web connections

Forums / NoMachine for Windows / Unable to disable https redirect for web connections

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #32162
    AvatarJiggledad
    Participant

    According to instructions in article AR07P00986, we should be able to disable https redirects when attempting to access nxwebplayer via http://ipaddress:4080, but these instructions appear to be out of date and are no longer applicable. I attempted many variations of this by modifying htd.cfg as indicated, but nothing seemed to produce the desired result, always giving an error message related to using http to communicate with an encrypted server, or a generic internal server error.

    To give a little background, I have Caddy providing encryption for several other services already, and it requires ports 80 and 443, so giving those ports over to NoMachine entirely is not a great solution for me.  If I can get NoMachine to serve over unencrypted http in the browser, I believe I can get Caddy to provide the encryption from that point.  I’m relatively new to this world of servers and services, and I am just experimenting really, so please feel free to let me know if I’m doing something stupid.

    For reference, I’m using NoMachine enterprise desktop evaluation, version 7.1.3, in Windows 10.

    P.S.  You guys are awesome, and thank you for NoMachine, been using it for years.

    #32167
    AvatarJiggledad
    Participant

    I tried a few more things, and finally found a configuration that would disable the redirect successfully.  That said, I am still having difficulty getting Caddy to serve the webplayer successfully through a reverse proxy to a subdomain.  It will load the webplayer, and log into the remote computer successfully (PC shows popup notification that user has connected), but will not actually load the picture remotely (all is successful if logging in from LAN using direct IP in browser).  I’m not yet sure if it’s a limitation of Caddy, or if I need some additional configuration on one side or the other.  If anyone knows anything I can try, I would greatly appreciate it.

    I’ve copied the relevant block from htd.cfg below, in case it can help anyone else out.

     

    #commented out 4 lines below as  somewhat indicated by previous article

    #RewriteEngine On

    #ReWriteCond %{SERVER_PORT} !^4443$

    #RewriteCond %{REQUEST_URI} !^/?favicon.ico$

    #RewriteRule ^/(.*) https://%{SERVER_ADDR}:4443/nxwebplayer [R,L]

     

     

    #changed this port from 4443 to 4080, commented out SSL related stuff

    <VirtualHost 0.0.0.0:4080>

     

    ServerAdmin you@example.com

     

    RewriteEngine On

    RewriteCond %{REQUEST_URI} !^/?nxwebplayer$ [NC]

    RewriteCond %{REQUEST_URI} !^/?(event|eventinit)$

    RewriteCond %{REQUEST_URI} !^/?nxplayer/(js|images|style|languages)/.*$

    RewriteCond %{REQUEST_URI} !^/?nxinfo/[a-fA-F0-9]{32}\.info$

    RewriteCond %{REQUEST_URI} !^/?favicon.ico$

    RewriteCond %{REQUEST_URI} !^/?$

    RewriteRule ^(.*)$ – [F,L]

     

    #    SSLEngine on

     

    #    SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

     

    #    #server certificate:

    #    SSLCertificateFile “C:/Program Files (x86)/NoMachine/etc/keys/host/ht_host_rsa_key.crt”

     

    #    #private server key:

    #    SSLCertificateKeyFile “C:/Program Files (x86)/NoMachine/etc/keys/host/ht_host_rsa_key”

     

    #    #server certificate chain:

    #    #SSLCertificateChainFile “C:/Program Files (x86)/NoMachine/etc/nomachine-CA.crt”

     

    #    #Certificate Authority (CA):

    #    #SSLCACertificateFile “C:/Program Files (x86)/NoMachine/etc/nomachine-CA.crt”

     

    #    SSLCipherSuite ALL:!ADH:!EXPORT56:!3DES:+HIGH:+MEDIUM:!RC4:!IDEA-CBC-SHA

     

    PassEnv ALLUSERSPROFILE USERPROFILE

    SetEnvIf User-Agent “.*MSIE.*” \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

    </VirtualHost>

    #32251
    AvatarBritgirl
    Keymaster

    Hi, a new article has been inserted. Thank you for pointing out that the current article needed updating.

    For version 6.10 onwards, you should use this: https://www.nomachine.com/AR03S01112. Let us know if you’re still having issues.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.