SSL expired, Caqn we turn off security for a short time

Posted on 2008-11-06
Last Modified: 2012-06-22
We have Citrix Meta frame and our SSL Expired. We renewed, but it will be several hours before the SSL is active again. Users are getting an error "cannot connect to the Citrix XenApp Server, ssl error 70, the server sent an expired security certificate"

Can we turn off in Citrix the requirement that the gateway only send secure traffic so users can get in until our ssl is updates later today?
Question by:actConsultant
    LVL 36

    Accepted Solution

    One option, give the Web Interface server a FQDN and use that FQDN.

    Just tested it in my lab.  I was able to completely bypass the SSL stuff by going to  I got the login screen and was able to successfully login.
    LVL 36

    Expert Comment

    by:Carl Webster
    Sorry, that should have been XenApp not AenApp.

    Author Comment

    Do I need to configure anything on the Citrix server?  IF so where?
    LVL 36

    Expert Comment

    by:Carl Webster
    I made NO changes to any of my servers.
    LVL 9

    Assisted Solution

    if you are expecting users to access the system over the internet you can.

    1.  assign an live internet ip address to your citrix the command is altaddr
    2.  setup your web interface to use alternate addressing instead of the csg direct
    3.  allow web traffic to your web interface server and ica traffic (tcp 1494) to your citrix server.

    this isnt as secure, but ica traffic if fairly secure just based on its nature.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now