
Fail to launch apps when rdp certificate is renewed

Open freechelmi opened this issue 10 months ago • 3 comments

How to reproduce:

  • Install and run winapps for 3 months
  • At some point the RDP certificate will be renewed by Windows
  • After that, when launching a winapps app, you won't get any feedback because freerdp wants you to confirm you accept the new cert.

We need some way either for freerdp to always accept the new cert or to detect it and import it on the Linux side.

flatpak run --command=xfreerdp com.freerdp.FreeRDP /d: /u:Docker /p:Docker /scale:100 +auto-reconnect +clipboard +home-drive /audio-mode:1 -wallpaper +dynamic-resolution +span '/wm-class:Microsoft Word' '/app:program:C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE,icon:/home/michel/.local/share/winapps/apps/word-o365/icon.svg,name:Microsoft Word' /v:127.0.0.1
[13:50:44:787] [2:00000003] [WARN][com.freerdp.crypto] - [verify_cb]: Certificate verification failure 'self-signed certificate (18)' at stack position 0
[13:50:44:787] [2:00000003] [WARN][com.freerdp.crypto] - [verify_cb]: CN = DOCKERW-J03S567
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: New host key for 127.0.0.1:3389
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: @    WARNING: NEW HOST IDENTIFICATION!     @
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: The fingerprint for the host key sent by the remote host is 15:71:75:c8:42:18:21:bd:55:f5:a5:63:a3:e4:7d:83:0e:bd:61:85:5e:46:36:f6:b7:85:1b:e7:11:b2:c2:95
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: Please contact your system administrator.
[13:50:44:788] [2:00000003] [ERROR][com.freerdp.crypto] - [tls_print_certificate_error]: Add correct host key in /home/michel/.var/app/com.freerdp.FreeRDP/config/freerdp/server/127.0.0.1_3389.pem to get rid of this message.
!!!Certificate for 127.0.0.1:3389 (RDP-Server) has changed!!!

New Certificate details:
	Common Name: DOCKERW-J03S567
	Subject:     CN = DOCKERW-J03S567
	Issuer:      CN = DOCKERW-J03S567
	Valid from:  Jan 15 05:18:53 2025 GMT
	Valid to:    Jul 17 05:18:53 2025 GMT
	Thumbprint:  15:71:75:c8:42:18:21:bd:55:f5:a5:63:a3:e4:7d:83:0e:bd:61:85:5e:46:36:f6:b7:85:1b:e7:11:b2:c2:95

Old Certificate details:
	Subject:     CN = DOCKERW-J03S567
	Issuer:      CN = DOCKERW-J03S567
	Valid from:  Aug 15 15:18:37 2024 GMT
	Valid to:    Feb 14 15:18:37 2025 GMT
	Thumbprint:  4e:d4:b3:89:e9:70:90:bb:dc:01:c5:09:05:eb:c3:8e:2c:34:c9:5e:44:fa:d0:53:29:f0:a6:54:8c:2a:1d:e8

The above X.509 certificate does not match the certificate used for previous connections.
This may indicate that the certificate has been tampered with.
Please contact the administrator of the RDP server and clarify.
Do you trust the above certificate? (Y/T/N) Y

freechelmi avatar Jan 28 '25 13:01 freechelmi

Does this remain an issue if /cert:ignore is used?

KernelGhost avatar Feb 01 '25 06:02 KernelGhost

Thanks, works for full Windows but not for apps. I'll dig into why and commit a fix.

freechelmi avatar Feb 01 '25 12:02 freechelmi

@freechelmi Any updates on this?

KernelGhost avatar Sep 11 '25 03:09 KernelGhost