Barrier Setup Linux Host Windows Guest with SSL

Barrier Setup Linux Host Windows Guest.md

Setup Barrier with SSL on Linux / Mac <-> Windows machines

You will need to generate cert on Both Machines individually

On Linux

go to /.local/share/barrier/SSL/

Create a folder mkdir -p Fingerprints

openssl req -x509 -nodes -days 365 -subj /CN=barrier -newkey rsa:4096 -keyout Barrier.pem -out Barrier.pem
openssl x509 -fingerprint -sha1 -noout -in Barrier.pem > Fingerprints/Local.txt
sed -e "s/.*=//" -i Fingerprints/Local.txt

Finally folder structure should look like below

├── Barrier.pem
└── Fingerprints
    └── Local.txt

On Mac

Go to

/Users/$USER/Library/Application Support/barrier/SSL

Create a folder mkdir -p Fingerprints

openssl req -x509 -nodes -days 365 -subj /CN=barrier -newkey rsa:4096 -keyout Barrier.pem -out Barrier.pem && openssl x509 -fingerprint -sha1 -noout -in Barrier.pem > Fingerprints/Local.txt && sed -e "s/.*=//" -i '' Fingerprints/Local.txt

Finally folder structure should look like below

├── Barrier.pem
└── Fingerprints
    └── Local.txt

On Windows

Few extra steps involved

Install OpenSSL terminal application

Install sed tool using winget winget install mbuilov.sed site

Similar to linux

Go to AppData\Local\Barrier\SSL

Create folder Fingerprints

Now open the OpenSSL CMD client from windows start menu and generate the below

openssl req -x509 -nodes -days 365 -subj /CN=barrier -newkey rsa:4096 -keyout Barrier.pem -out Barrier.pem

openssl x509 -fingerprint -sha1 -noout -in Barrier.pem > Fingerprints/Local.txt

for the step involving sed may have to be done manually and leave only the signature

or use GitBash to run sed -e "s/.*=//" -i Fingerprints/Local.txt

On Barrier

Enable SSL and auto config or pass the server ip address, you will be prompted for the SSL signature check if the signatures are same.

Should you need to swap the server and client, should be able to do so with minimal friction.

Source 1 Source 2 Source 3