clarkeyi
asked on
Help setting up a Citrix Access Gateway with Advanced Access Control
Hello
We have just purchased a Citrix Access gateway (CAG) and bought the Advances Access Control (AAC)
Both are installed fine and now I have got to the part where I need to install the cetificates on both servers for SSL and I am getting a bit stuck.
So far I have installed a standard SSL Web Certificate from our internal CA from our Windows 2003 server on to the AAC. - Is this correct?
I am more stuck on the CAG - I have requested a certificate through the CAG using the 'Certificate Signing Request' Tab. This creates a CSR file. For testing purposes I have used my internal CA to process the request and create a Cer file. I then try and upload the certificate, again on the CAG using 'Secure certificate management' under the Administration tab. But each time I try it replies with 'Certificate upgrade failed'.
It is also the same for .crt and .pem uploads.
So I am stuck as how to create the correct certificates and upload them. Not even too sure how many certificates I need!.
I tried to enable AAC on the Gateway to use the AAC server. When I add the IP address of the AAC and select secure connection it replies with an error which I guess is SSL related. When I do not tick secure connection it accepts the IP address but when I go on the AAC server and try to discover the CAG it cannot find it.
Any suggestions or step by step guides will be helpful as I am now going in circles on this one!!!
Thanks
We have just purchased a Citrix Access gateway (CAG) and bought the Advances Access Control (AAC)
Both are installed fine and now I have got to the part where I need to install the cetificates on both servers for SSL and I am getting a bit stuck.
So far I have installed a standard SSL Web Certificate from our internal CA from our Windows 2003 server on to the AAC. - Is this correct?
I am more stuck on the CAG - I have requested a certificate through the CAG using the 'Certificate Signing Request' Tab. This creates a CSR file. For testing purposes I have used my internal CA to process the request and create a Cer file. I then try and upload the certificate, again on the CAG using 'Secure certificate management' under the Administration tab. But each time I try it replies with 'Certificate upgrade failed'.
It is also the same for .crt and .pem uploads.
So I am stuck as how to create the correct certificates and upload them. Not even too sure how many certificates I need!.
I tried to enable AAC on the Gateway to use the AAC server. When I add the IP address of the AAC and select secure connection it replies with an error which I guess is SSL related. When I do not tick secure connection it accepts the IP address but when I go on the AAC server and try to discover the CAG it cannot find it.
Any suggestions or step by step guides will be helpful as I am now going in circles on this one!!!
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
One more question, I have created a web server certificate on the AAC server. Do I need the same type of certificate on the CAG. Not the root certificate but the other of the two?. As I am not sure how this one is created?
Cheers