• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1398
  • Last Modified:

Citrix Web Interface - How create and install certificate.

Hi All,

I have created A citrix webinterface for people to access across the internet. Does anyone the correct procedure for adding a certificate for the site?

Also at the moment im having to use port 81 for the site as 80 is in use. Im hoping to configure ot for port 80 at some point would this affect the certificate if port is change after certificate is added?
1 Solution
You must have IIS installed on the WI server --> Log into the machine as domain administrator.

1. Launch IE --> Point to <ca server name>/certsrv (ensure that the security settings enable ActiveX controls/scripts and that no proxy server is being used)

2. Select Request a certificate > Advanced certificate request > Create and submit a request to this CA > 

3. Select the following : Certificate Template: Web Server; Name: <fully qualified domain name of the WI server, e.g. abc.com>; Check the Store certificate in the local computer certificate store; Friendly name: Use same name as the fully qualified domain name of your WI server. Leave all other settings on this page as default.

4. Click Submit > Click Install this certificate. Close IE

5. On the desktop, right click My Computer and select Manage > Services and Applications > Internet Information Services. Right click on Internet Information services and select Properties. In the Master Properties Area, ensure that WWW Service is selected and click Edit. Click the Directory Security tab.

6. In the secure communications area, ensure that the Enable the Windows directory service mapper is checked. Click OK > OK.  

7. Right click on the Default Web Site icon and select Properties. (Provided that your WI site(s) is (or will be) the default IIS site, otherwise you might need to repeat this step for every other site.

8. Select the Directory Security tab. In the Secure communications area, click the Server certificate button. A Wizard is spawned. Click Next. Select Assign an existing certificate Click next. Select the server certificate that you generated and imported earlier. Click Next. Click Finish.
Carl WebsterCommented:
If you install an SSL certificate and do not use Port 443, then your users will need to manually enter the port # every time they access your site.

i.e. Instead of https://citrix.domain.com they would enter https://citrix.domain.com:Port#

I would not recommend what you are doing without using the FREE Citrix Secure gateway software.

Look at these articles:

matt_B_2008Author Commented:

I have now slightly changed the setup here in order to get this working, as follows

Configured a web interface on the LAN.
CAG on the DMZ.
WI v4.5
CAG standard ed. 4.5.5

I am now trying to forward credentials used at the CAG portal page to logn the users directly onto the WI. I have followed all the steps on the KB: http://support.citrix.com/article/ctx106202

To test this im am connecting to the CAG FQDN and selecting connect. This then runs the clients and prompts for the user credentials. Once i put credentials in i want it to rediect to the WI but its not, any ideas what i may have missed out?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now