Citrix Access Gateway with AAC - configuration of certificates

Hi all

Could anyone please provide me with some detailed steps on how to setup a CAG / AAC 4.5 (Advanced) implementation with certificates?

For testing purposes I just want to configure this so that I can connect to the CAG/AAC without purchasing a cert but using the one that comes with it if possible...
I intend to buy one from Verisign later...

Apparently I need a server cert and a root cert but am unsure as to which one is installed where, and where the certs are obtained from (on the AAC?)

Please do not send just random links - I am quite knowledgable in Citrix and have tried the usual googling/Citrix Knowledge base searches...

Many thanks

JG
LVL 6
thegordoAsked:
Who is Participating?
 
t_swartzConnect With a Mentor Commented:
Create a cert request on your certificate server, I'm assuming you are running windows. Very broad strokes: Once you create the cert and approve it, you have to convert it to the format the CAG takes (I may be wrong, but I think there is a citrix tool to do this), then import into the cag. I just went through this about three months ago, exactly what you are doing, but I bought the cert from go daddy (only $79/yr I think). I'll watch this question, and I can refer the the system i setup to answer questions.
0
 
thegordoAuthor Commented:
So say I have a remote client, a CAG and a AAC server. Does your solution above secure the comms between the CAG and the AAC or the client and the CAG?

Sorry but I am being stupid...!
0
 
t_swartzCommented:
Not stupid, it is confusing to me as well. The setup you are refering to secures the communications between the cag and the client. You can secure the comms between the aac and the cag as well as I recall. In the setup you have, the cag just becomes a gateway, the aac server does all the access control, about the only thing the cag does that I can figure out for sure is allow those connections and provide a web interface to deliver the apps you specify within the access control manager console (that is configuring the settings on the aac). Side note, something I learned in setting mine up, on general cag/aac operation, as you publish different things for your users, you have to go into the citrix access server configuration tool and deploy the logon points. As you edit the changes, you remove and redeploy those logon points so the settings take effect.
0
 
thegordoAuthor Commented:
Many thanks for your help - much appreciated!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.