Citrix Web Interface - How create and install certificate.

Hi All,

I have created A citrix webinterface for people to access across the internet. Does anyone the correct procedure for adding a certificate for the site?

Also at the moment im having to use port 81 for the site as 80 is in use. Im hoping to configure ot for port 80 at some point would this affect the certificate if port is change after certificate is added?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You must have IIS installed on the WI server --> Log into the machine as domain administrator.

1. Launch IE --> Point to <ca server name>/certsrv (ensure that the security settings enable ActiveX controls/scripts and that no proxy server is being used)

2. Select Request a certificate > Advanced certificate request > Create and submit a request to this CA > 

3. Select the following : Certificate Template: Web Server; Name: <fully qualified domain name of the WI server, e.g.>; Check the Store certificate in the local computer certificate store; Friendly name: Use same name as the fully qualified domain name of your WI server. Leave all other settings on this page as default.

4. Click Submit > Click Install this certificate. Close IE

5. On the desktop, right click My Computer and select Manage > Services and Applications > Internet Information Services. Right click on Internet Information services and select Properties. In the Master Properties Area, ensure that WWW Service is selected and click Edit. Click the Directory Security tab.

6. In the secure communications area, ensure that the Enable the Windows directory service mapper is checked. Click OK > OK.  

7. Right click on the Default Web Site icon and select Properties. (Provided that your WI site(s) is (or will be) the default IIS site, otherwise you might need to repeat this step for every other site.

8. Select the Directory Security tab. In the Secure communications area, click the Server certificate button. A Wizard is spawned. Click Next. Select Assign an existing certificate Click next. Select the server certificate that you generated and imported earlier. Click Next. Click Finish.
Carl WebsterCommented:
If you install an SSL certificate and do not use Port 443, then your users will need to manually enter the port # every time they access your site.

i.e. Instead of they would enter

I would not recommend what you are doing without using the FREE Citrix Secure gateway software.

Look at these articles:
matt_B_2008Author Commented:

I have now slightly changed the setup here in order to get this working, as follows

Configured a web interface on the LAN.
CAG on the DMZ.
WI v4.5
CAG standard ed. 4.5.5

I am now trying to forward credentials used at the CAG portal page to logn the users directly onto the WI. I have followed all the steps on the KB:

To test this im am connecting to the CAG FQDN and selecting connect. This then runs the clients and prompts for the user credentials. Once i put credentials in i want it to rediect to the WI but its not, any ideas what i may have missed out?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.