Client SSL Configuration

<p>Is there any way to configure within the client, each hub's SSL port on a per-hub/server basis? Or perhaps to enable/disable client-side SSL support on a per-server basis?
</p>
<p>This would be most useful when there's more than one VHUSBIP server behind a single NATed gateway.
</p>
<p>For instance.<br />
1) User wants to connect from an AWS WorkSpace (a NATed environment), to a VHUSBIP server running behind a local NAT gateway.<br />
2) User port-forwards ingress NAT on the local gateway to the VHUSB server.<br />
3) Now user wants to add a 2nd VHUSB device behind their NAT gateway: how does the user designate a different SSL port in the client?
</p>

#2

Download 2.8.5 of the client and edit the vhui.ini file and specify the comma separated list of SSL ports that your servers may be on, e.g:

[General]
sslPort=7574,7573,7572

#4

Hi Michael,

So I am attempting to achieve the above but I am unable to get it to work. I am using SSL reverse TCP and I've specified the client port that I want SSL to listen on. I edited the .vhui file when vhclientarmhf was not running and added sslPort=7578. Then I started the client and checked the logs and it was still listening on port 7572. I also tried this on a device with kernel 5.4.51 with the same result so I don't think it is kernel related. Any help is appreciated!

# .vhui
[General]
sslPort=7578
ReverseLookup=0
SSLReverseLookup=1
SSLCAFile=/home/user/ca.pem

~$ sudo vhclientx86_64 -n
~$ sudo cat /var/log/syslog | tail
Jul 31 18:21:32 hostname VirtualHere Client: Auto-find using Bonjour - off
Jul 31 18:21:49 hostname VirtualHere Client: VirtualHere Client 5.0.7 starting (Compiled: Jul 27 2020 12:15:36)
Jul 31 18:21:49 hostname VirtualHere Client: Client OS is Linux 4.4.0-186-generic x86_64
Jul 31 18:21:49 hostname VirtualHere Client: Using config at /home/user/.vhui
Jul 31 18:21:49 hostname VirtualHere Client: IPC available at /tmp/vhclient
Jul 31 18:21:49 hostname VirtualHere Client: VirtualHere Client is running as a service
Jul 31 18:21:49 hostname VirtualHere Client: Using SSL CA File /home/user/ca.pem
Jul 31 18:21:49 hostname VirtualHere Client: Auto-find using Bonjour - on
Jul 31 18:21:49 hostname VirtualHere Client: Auto-find using Bonjour SSL - on
Jul 31 18:21:49 hostname VirtualHere Client: SSLReverseLookupService listening on port 7572

#5

In the client config use

SSLReverseLookupPort=7578

instead of SSLPort as SSLPort is just for forward connections