Xpra: Ticket #2656: Question html5 clients with proxy and ssl

Hello,

I want multiple html5 web-clients be able to connect through a single port (8080) and reach their individual xpra session. I have successfully built this setup using:

sqlite_auth.py xpra-auth.sdb create
sqlite_auth.py xpra-auth.sdb add user1 pass1 user1 user1 tcp://localhost:10101/
sudo xpra proxy :10100 --bind-tcp=0.0.0.0:8080 --html=on --socket-dir=/tmp --no-daemon --tcp-auth=sqlite,filename=./xpra-auth.sdb
xpra start :10101 --bind-tcp=0.0.0.0:10101 --no-daemon
-> http://domain:8080/index.html?username=user1&password=pass1

However, if I enable SSL it fails:

sqlite_auth.py xpra-auth.sdb create
sqlite_auth.py xpra-auth.sdb add user1 pass1 user1 user1 tcp://localhost:10101/
sudo xpra proxy :10100 --bind-ssl=0.0.0.0:8080 --ssl=www --ssl-key=privkey.pem \
	--ssl-cert=fullchain.pem --html=on --socket-dir=/tmp --no-daemon \
	--tcp-auth=sqlite,filename=./xpra-auth.sdb
xpra start :10101 --bind-tcp=0.0.0.0:10101 --no-daemon
-> https://domain:8080/index.html?username=user1&password=pass1

The proxy error message is:

2020-03-19 14:40:40,161 Error: the proxy server requires an authentication mode,
2020-03-19 14:40:40,161  client connection 'wss' does not specify one
2020-03-19 14:40:40,161  use 'none' to disable authentication

How can SSL/WSS be enabled for this setup?



Thu, 19 Mar 2020 14:43:57 GMT - Antoine Martin: status changed; resolution set

If you use bind-ssl then you must use ssl-auth, not tcp-auth.


Fri, 20 Mar 2020 08:45:31 GMT - peter0914:

This works, thank you!


Sat, 23 Jan 2021 05:57:14 GMT - migration script:

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2656