teward Wrote: ------------------------------------------------------- > This works fine if > the web frontend is open to all, but we want to restrict it so that > only one WSS pathway can actually be used and no other WSS requests > work. To clarify, there's a separate `server { }` block handling the gateway separate from the RDWeb ingress point. This is necessary for the wssby teward - Nginx Mailing List - English
This will sound a little odd, but we have an NGINX reverse proxy acting as an SSL termination point for a remote desktop web gateway from Microsoft. Currently, the primary Web Client ingress point is protected by SSL Client Certificates - you must have a valid SSL CLient Certificate to get to the web component. However, RDWeb from Microsoft still has to establish WSS connections (`wss://...`by teward - Nginx Mailing List - English