Solved

Citrix Access Gateway with AAC - configuration of certificates

Posted on 2007-11-19
4
1,471 Views
Last Modified: 2010-04-21
Hi all

Could anyone please provide me with some detailed steps on how to setup a CAG / AAC 4.5 (Advanced) implementation with certificates?

For testing purposes I just want to configure this so that I can connect to the CAG/AAC without purchasing a cert but using the one that comes with it if possible...
I intend to buy one from Verisign later...

Apparently I need a server cert and a root cert but am unsure as to which one is installed where, and where the certs are obtained from (on the AAC?)

Please do not send just random links - I am quite knowledgable in Citrix and have tried the usual googling/Citrix Knowledge base searches...

Many thanks

JG
0
Comment
Question by:thegordo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
t_swartz earned 500 total points
ID: 20313730
Create a cert request on your certificate server, I'm assuming you are running windows. Very broad strokes: Once you create the cert and approve it, you have to convert it to the format the CAG takes (I may be wrong, but I think there is a citrix tool to do this), then import into the cag. I just went through this about three months ago, exactly what you are doing, but I bought the cert from go daddy (only $79/yr I think). I'll watch this question, and I can refer the the system i setup to answer questions.
0
 
LVL 6

Author Comment

by:thegordo
ID: 20328036
So say I have a remote client, a CAG and a AAC server. Does your solution above secure the comms between the CAG and the AAC or the client and the CAG?

Sorry but I am being stupid...!
0
 
LVL 5

Expert Comment

by:t_swartz
ID: 20328115
Not stupid, it is confusing to me as well. The setup you are refering to secures the communications between the cag and the client. You can secure the comms between the aac and the cag as well as I recall. In the setup you have, the cag just becomes a gateway, the aac server does all the access control, about the only thing the cag does that I can figure out for sure is allow those connections and provide a web interface to deliver the apps you specify within the access control manager console (that is configuring the settings on the aac). Side note, something I learned in setting mine up, on general cag/aac operation, as you publish different things for your users, you have to go into the citrix access server configuration tool and deploy the logon points. As you edit the changes, you remove and redeploy those logon points so the settings take effect.
0
 
LVL 6

Author Closing Comment

by:thegordo
ID: 31473531
Many thanks for your help - much appreciated!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Citrix XenDesktop 7.6 Citrix Policies Graphics
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question