noVNC on https ?

[streki]

I think the title is explicit!

It's because I would like the vnc password to be protected!

[kanaka]

If you have a self.pem at the top-level of you noVNC repo/installation then launch.sh will automatically add the --cert option to the websockify invocation. Or you can just launch websockify directly and pass the --cert option pointing to your SSL certificate file.

Once you've done that, websockify will automatically start answering https requests on the same port as normal http (and WebSocket connections).

Also, don't forget to set the encrypt setting in noVNC itself otherwise you will use http for the static web pages but still use an unencrypted connection for the WebSocket connection.

Both https and wss (encrypted websocket connections) require that websockify was started with a cert file (the --cert option).

[kanaka]

The process for generating a self-signed SSL certificate file is described on the noVNC Advanced Usage page

[streki]

Thanks a lot for your support!

[drui9]

2024 Update:
Available on nginx with let's encrypt certificate.
`
server {

    server_name www.yourdomain-here.com;

    location / {
            proxy_pass http://localhost:6080;
    }
    location /websockify {
            proxy_pass http://localhost:6080;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_read_timeout 600s;
            proxy_buffering off;
    }
    server_tokens off;
    gzip off;

}
Then runsudo certbot --nginx`