[
https://issues.apache.org/jira/browse/GUACAMOLE-1598?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17550534#comment-17550534
]
Nick Couchman commented on GUACAMOLE-1598:
------------------------------------------
Hmmm....so, the tls-seclevel (TlsSecLevel) option was added back in 2018:
https://github.com/FreeRDP/FreeRDP/commit/1222e7060b400da5bd6f4588cc914a56db8e16fc
I'm a bit concerned that adding support for this will mean 1) having to check
for the presence of this option in the FreeRDP version, and 2) adding Guacamole
Client support for an option that may or may not be supported by guacd. This
could make the process of tracking down connection issues tricky - although,
maybe not any trickier than it is today.
[~mjumper] [~jmuehlner] Thoughts on this one?
> Windows 7 TLS/NLA compatibility issue with openssl3
> ---------------------------------------------------
>
> Key: GUACAMOLE-1598
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1598
> Project: Guacamole
> Issue Type: Improvement
> Components: RDP
> Affects Versions: 1.4.0
> Reporter: Michael Saxl
> Priority: Major
>
> Openssl 3.0 raised the default tls security level parameters.
> This has the effect that Widows 7 / Windows 2008r2 do not work in tls/nla/ext
> security mode, only rdp security works, but this requires disabling nla on
> the remote machine.
> xfreerdp has a parameter named /tls-seclevel that if set to 0 solves this
> problem, but settings this to such a low value should only be done if the
> user really requests it.
> Remmina will get this parameter too.
>
> internally in the settings structure the attribute is named
> setting->TlsSecLevel
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
