Solved

Citrix Access Gateway with AAC - configuration of certificates

Posted on 2007-11-19
4
1,460 Views
Last Modified: 2010-04-21
Hi all

Could anyone please provide me with some detailed steps on how to setup a CAG / AAC 4.5 (Advanced) implementation with certificates?

For testing purposes I just want to configure this so that I can connect to the CAG/AAC without purchasing a cert but using the one that comes with it if possible...
I intend to buy one from Verisign later...

Apparently I need a server cert and a root cert but am unsure as to which one is installed where, and where the certs are obtained from (on the AAC?)

Please do not send just random links - I am quite knowledgable in Citrix and have tried the usual googling/Citrix Knowledge base searches...

Many thanks

JG
0
Comment
Question by:thegordo
  • 2
  • 2
4 Comments
 
LVL 5

Accepted Solution

by:
t_swartz earned 500 total points
ID: 20313730
Create a cert request on your certificate server, I'm assuming you are running windows. Very broad strokes: Once you create the cert and approve it, you have to convert it to the format the CAG takes (I may be wrong, but I think there is a citrix tool to do this), then import into the cag. I just went through this about three months ago, exactly what you are doing, but I bought the cert from go daddy (only $79/yr I think). I'll watch this question, and I can refer the the system i setup to answer questions.
0
 
LVL 6

Author Comment

by:thegordo
ID: 20328036
So say I have a remote client, a CAG and a AAC server. Does your solution above secure the comms between the CAG and the AAC or the client and the CAG?

Sorry but I am being stupid...!
0
 
LVL 5

Expert Comment

by:t_swartz
ID: 20328115
Not stupid, it is confusing to me as well. The setup you are refering to secures the communications between the cag and the client. You can secure the comms between the aac and the cag as well as I recall. In the setup you have, the cag just becomes a gateway, the aac server does all the access control, about the only thing the cag does that I can figure out for sure is allow those connections and provide a web interface to deliver the apps you specify within the access control manager console (that is configuring the settings on the aac). Side note, something I learned in setting mine up, on general cag/aac operation, as you publish different things for your users, you have to go into the citrix access server configuration tool and deploy the logon points. As you edit the changes, you remove and redeploy those logon points so the settings take effect.
0
 
LVL 6

Author Closing Comment

by:thegordo
ID: 31473531
Many thanks for your help - much appreciated!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Let’s list some of the technologies that enable smooth teleworking. 
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now