Synology: How to Allow Guacamole to Work Over an HTTPS Connection?

Synology How to Allow Guacamole to Work Over an HTTPS Connection

Have you already installed Guacamole using docker on your Synology NAS following my step by step guide? Do you want to log in via HTTPS using your custom domain name even when you are away from home? It’s simple and free. You don’t need to buy domains, you don’t need to look for information elsewhere because here you will find the easy way to do it. Say you’re at a friend’s house and want to use Guacamole. You can access Guacamole from outside your home, just like you would any website.

Note: The guide below is deprecated – Check the new guide here: How to Run Docker Containers Over HTTPS

  • STEP 1

Please Support My work by Making a Donation.

  • STEP 2

Follow my step by step guide on how to activate your synology.me DDNS on DSM 7
Follow my step by step guide on how to activate your synology.me DDNS on DSM 6.2.4
Note: If you already own a synology.me DDNS, skip this STEP.

  • STEP 3

Go to Control Panel / Application Portal / Reverse Proxy. Click on Create. Follow the instructions in the image below.

1 Synology NAS Guacamole setup HTTPS SSL

  • STEP 4

The window below will open. Follow the instructions in the image below.

1 (Screenshot 1) On General TAB set the Reverse Proxy Description and type Guacamole. After that, add the following instructions:

Source:
Protocol: HTTPS
Hostname: yourname.synology.me
Port: 8087

Check Enable HTTP/2

Destination:
Protocol: HTTP
Hostname: localhost
Port: 8085

2 (Screenshot 2) On Custom Header TAB click Create then WebSocket.
3
 (Screenshot 3) After you click WebSocket, the rules will be created automatically. Click OK.

2 Synology NAS Guacamole setup HTTPS SSL

  • STEP 5

Go to Control Panel / Security / Certificate and check if your link yourname.synologyme:8087 is visible.

3 Synology NAS Guacamole setup HTTPS SSL

  • STEP 6

Log into your router and go to the Port Forwarding area. Select your NAS Local IP Address and port forward port 8087 both TCP/UDP. Remember that every router has its own interface design. At the moment I am using a TP-Link router. Follow the instructions in the image below:

4 Synology NAS Guacamole setup HTTPS SSL

  • STEP 7

Go back to STEP 1 or you will deal with karma 🙂

  • STEP 8

Open your browser and type in https://yourname.synology.me:8087 and you will see the HTTPS / SSL certificate working correctly. From now on you can access your Guacamole application over HTTPS from anywhere.

5 Synology NAS Guacamole setup HTTPS SSL

6 Synology NAS Guacamole setup HTTPS SSL

Note: If you don’t like to see port :8087 at the end of your link take a look at my new article HTTPS-SSL to Your Docker Containers Without Port at The End

Note: You can use the same operation described above for all docker packages you have previously installed on your Synology NAS to access them via HTTPS/SSL.
Note: At STEP 4, instead of port 8087 you can use the port of your choice, but remember to port forward it (correctly) in your router following STEP 6.
Note: If you don’t add the WebSocket rules at STEP 4 screenshots 2 and 3, when you try to log into Guacamole, the page will be blank.

This post was updated on Monday / July 12th, 2021 at 6:12 PM