Hi, The purpose of this post is to find the root cause or explanation of an issue that I am experiencing with guacd 1.5.5 and OpenSSL 3.3 connecting to legacy Windows devices (e.g. Windows 7).
https://github.com/apache/guacamole-server/commit/f906b14f9f7102dfaaf11bbd7c694b1efeacafc2 As commented in the link above, I have observed that the change in this commit also affects to guacd compatibility with legacy Windows devices (e.g. Windows 7). Basically, what I have found is that building guacd 1.5.5 with OpenSSL 3.3 (default for Alpine 3.20) raises the following error on trying to connect to Windows 7 devices: RDP server closed/refused connection: SSL/TLS connection failed (untrusted/self-signed certificate?) On the other hand, on building guacd 1.5.5 with openssl1.1-compat-dev the problem goes away. Note that this issue with OpenSSL 3.3 is reproduced only in legacy devices, as everything seems to work properly with newer Windows versions. At first, I thought that the issue may be related with the default (only) support of TLSv1.0 in Windows 7 and the lack of default support of this version TLSv1.0 in OpenSSL 3.3, but after either trying to enable support for TLSv1.0 in OpenSSL 3.3 or trying to enable TLSv1.2 in the Windows 7 machine, the issue is still there. Any clues about what is the logical explanation / reason for this behaviour? Thanks in advance. Sent from my iPhone
