Re: [Thinstation-general] rdesktop adding a certificate
Brought to you by:
doncuppjr
From: aydin p. <pay...@gm...> - 2022-03-31 18:49:17
|
Hello, Don, thank you very much, it worked without any problems. Regards, Aydin On Wed, 30 Mar 2022 at 17:39, Don Cupp via Thinstation-general < thi...@li...> wrote: > I think rdesktop uses a known_certs file to keep track of certificates it > trusts. > > You could precreate the file in the chroot, then copy > > ~/.local/share/rdesktop/certs/known_certs to > /build/packages/rdesktop/etc/skel/.local/share/rdesktop/certs/known_certs > > > > On Tuesday, March 29, 2022, 02:18:39 PM PDT, aydin paykoc < > pay...@gm...> wrote: > > > > > > Hello, > > Don, thank you for your guidance. > > ca-bundle did run this time, with the errors like; > > certutil: unable to open "root" for reading (-5950, 2). > certutil: unable to open "root" for reading (-5950, 2). > cp: can't stat 'root': No such file or directory > Can't open /etc/ssl/certs/root.pem for reading, No such file or directory > 139844813227328:error:02001002:system library:fopen:No such file or > directory:crypto/bio/bss_file.c:69:fopen('/etc/ssl/certs/root.pem','r') > 139844813227328:error:2006D080:BIO routines:BIO_new_file:no such > file:crypto/bio/bss_file.c:76: > unable to load certificate > ln: /etc/ssl/certs/.0: File exists > > > > I think there is something wrong in parsing as the certutil is trying to > add certificates like root, Mar, -rw-r--r-- etc. > But despite these errors it did run and I can see the certificates in the > build. > In /etc/ssl directory of the build there is a file called cert.pem which > has all the certificates including the certificate that I put. > All certificates also present under /etc/ssl/certs directory. > Still no luck though, I am getting the same certificate error. > If the build seems correct to you this means that there is something wrong > in my certificate. > Regards, > Aydin > > > > On Tue, 29 Mar 2022 at 01:47, Don Cupp via Thinstation-general < > thi...@li...> wrote: > > Once build completes, you should not have /certs anymore. If it is > still there, then the post script for ca-bundle did not run. > > > > > > Sent from Yahoo Mail for iPhone > > > > On Monday, March 28, 2022, 1:11 PM, aydin paykoc <pay...@gm...> > wrote: > >> Hello, > >> > >> I am using Thinstation 6.2 Stable and trying to set up a RDP connection > to a Windows 2019 server > >> via rdesktop. > >> > >> As far as I know rdesktop does not support NLA so i disabled NLA from > Windows. > >> Windows also creates a self signed certificate which you can accept > during your first login. > >> But with the build image it does not prompt and closes the connection. > >> > >> As I could not find an option to pass an argument to the certificate > question I decided to > >> add the certificate to the build. I have followed the instructions from; > >> https://github.com/Thinstation/thinstation/wiki/Certificates > >> > >> In my build I can see /certs folder and in /certs/trusted folder I have > my certificate but the > >> result does not change, still certificate is not trusted and the > connection is closed. > >> > >> Clearly I am missing something. > >> > >> The certificate is base64 encoded and ends with .pem. Is the name of > the certificate important? > >> Currently my certificate is called rdpcert.pem. > >> > >> If the name is not important what I am missing for rdesktop to pick up > this certificate > >> during rdp connection. > >> > >> Regards, > >> > >> Aydin > >> > >> > >> _______________________________________________ > >> Thinstation-general mailing list > >> Thi...@li... > >> https://lists.sourceforge.net/lists/listinfo/thinstation-general > >>> > > > > _______________________________________________ > > Thinstation-general mailing list > > Thi...@li... > > https://lists.sourceforge.net/lists/listinfo/thinstation-general > > > > _______________________________________________ > Thinstation-general mailing list > Thi...@li... > https://lists.sourceforge.net/lists/listinfo/thinstation-general > > > _______________________________________________ > Thinstation-general mailing list > Thi...@li... > https://lists.sourceforge.net/lists/listinfo/thinstation-general > |