Web-based connection and Chromebook security policy

Forum / General Discussions / Web-based connection and Chromebook security policy

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #17428
    r91085
    Participant

    Is it possible to just use only http connect to NoMachine without https over SSL ?

    My ChromeBook has some security policy. If I use it connect to NoMachine over https, I will get the error “Your connection is not private (NET::ERR_CERT_AUTHORITY_INVALID)”. And in my ChromeBook I can not force pass this error like normal chromebrower on other computer.

    Thanks for your help

    #17443
    Irek
    Participant

    Hello r91085,

    yes, it is possible to use HTTP, all you have to do is to disable redirection on NoMachine server side.

    To do that, please edit:

    InstallationDirectory/etc/htd.cfg

    and remove or comment out following lines:

    
    <VirtualHost _default_:*>
    RewriteEngine on
    
            ReWriteCond %{SERVER_PORT} !^4443$
            RewriteRule ^/(.*) https://%{SERVER_ADDR}:4443/nxwebplayer [R,L]
    </VirtualHost>
    

    and then restart nxhtd server:

    InstallationDirectory/bin/nxserver --restart nxhtd

    After that, you can access NoMachine Web Player by typing

    http://<IP address>:4080

    #17454
    r91085
    Participant

    Thanks for your help . I did that and now http don’t redirect to https .

    But there is another new problem , when I use http connection , I get the error message below:

    ” ERROR Cannot start NoMachine Web Player.#Error while reading socket FD#424, error is: Connection reset by peer ”

    The error message didn’t exist in https mode.

    Could you help me fix that ?

    Thanks you a lot again

    #17489
    Irek
    Participant

    Hello r91085,

    let’s clarify one thing. Installation comes with a self-signed an SSL Certificate File and SSL Certificate Key file intended to be just a sample. They are, respectively:

    installation directory/etc/keys/host/ht_host_rsa_key.crt
    installation directory/etc/keys/host/ht_host_rsa_key

    Administrators have to replace the sample SSL Certificate File and Key File with their own certificate self-signed or acquired from a CA. you can read more about that with the following article: https://www.nomachine.com/DT03O00127#3

    In any case, we’d like to take a look at the logs in just to make sure there’s nothing wrong in NoMachine
    Please follow the instructions here: https://www.nomachine.com/DT10O00163#1
    and uncomment and set these 2 keys in server.cfg like this:

    SessionLogLevel 7
    WebSessionLogLevel 7

    Send them to forum[at]nomachine[dot]com

    #17627
    r91085
    Participant

    I just updated to new version and create server log.

    I send the log file as you say ~  and thanks for the explaination of SSL Certificate Key

    But right now I still need http work …

     

    Thanks you a lot

    Attachments:
    #17634
    Irek
    Participant

    Hello r91085,

    I realise now that my answer was incomplete. So, by adding into:

    InstallationDirectory/etc/htd.cfg

    and add following lines at the end of file, please make sure that this new line is :

    PassEnv ALLUSERSPROFILE USERPROFILE

    so end of htd.cfg file will looks like :

    <Directory "C:\Program Files (x86)\NoMachine/">
      AllowOverride None
      Options +FollowSymLinks +ExecCGI
      Require all granted
    </Directory>
    
    PassEnv ALLUSERSPROFILE USERPROFILE
    

    and then restart nxhtd server:

    InstallationDirectory/bin/nxserver --restart nxhtd

    #17648
    r91085
    Participant

    Thanks for your help ~

    It works fine right now ~

     

    #17826
    r91085
    Participant

    I have a new problem .

    I just switch from NoMachine Enterprise Desktop Evaluation version to Product version.

    When I used ChromeBook connect to target machine (Windows 10) , sometimes I got WebRTC error after typing password and I will re-connect several times. After I connecting to it successfully, I will see many “nxwebplayer.exe” existed in background (2.png) .

    Real problem is that there will be an fixed area in the screen the mouse click event is invalid (1.jpg). No matter which software on the top, local side operating or remote control, the area seem can not receive mouse event.

    Only way to recovery is restart os or relogin…

    Could you help me see what happen?

    Thanks you very much

     

     

     

     

    Attachments:
    #17831
    Britgirl
    Keymaster

    If you have an Enterprise Desktop Subscription, you can get access to the support team by logging in with the customer ID and password you received at the time of purchase 😉

    Switching to the production version shouldn’t trigger such problems with logging in or multiple processes. These need to be investigated thoroughly: the support team will be able to assist you further.

Viewing 9 posts - 1 through 9 (of 9 total)

This topic was marked as solved, you can't post.