[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 846
  • Last Modified:

How to use Citrix 4.5 Presentation Server Web Interface and Secure Gateway with SSL on same server?

New to Citrix but took the online classes so I understand some. My company has a Citrix 4.5 farm with a Web Interface and Secure Gateway on the same server in a DMZ. We just renew the SSL cert and now when you try to launch an app from the web interface is gives you a SSL error 21. From reseach it looks like IIS took the 443 port from the secure gateway which is causing the problem. I can I get both to function with SSL at once?

Many thanks!
0
johnw885
Asked:
johnw885
  • 5
  • 3
2 Solutions
 
Carl WebsterCommented:
Yes you can.  IIS will need to be set touse a port like 444.  CSG MUST MUST user 443.

http://dabcc.com/Webster/CSG

You can skip the part about acquiring the SSL Cert.
0
 
johnw885Author Commented:
I did see this on a forum but changing IIS to port 444 breaks the HTTPS address used to access the web interface, how do I circumvent that?
0
 
Carl WebsterCommented:
Users access the CSG not WI.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
johnw885Author Commented:
Thery are on the same server and I think they are conflicting. Should I have port 443 from the internet tranlated to something else towards IIS?
0
 
Carl WebsterCommented:
CSG must be set to use port 443 and IIS must be set to use port 444.  CSG handles ALL port 443 traffic.
0
 
johnw885Author Commented:
I just mapped the external IP address to translate from port 443 to 444 and now the initial redirect from https://FDNQ/Citrix/MetaFrame/ to the address https://FDNQ/Citrix/MetaFrame/auth/login.aspx comes up and says page can not be displayed, any ideas?
0
 
johnw885Author Commented:
Thanks for all the help. Turned out I was confused about how users connected. They connect from the outside on port 443 to the CSG and then that redirects them to IIS on port 444. This machine was in a DMZ so DNS wasn't working and couldn't use an IP address in CSG because then the SSL cert would validate. I ended up adding the IIS name and address in the local host file on the server and everything is now working.
0
 
johnw885Author Commented:
Additonal Configuration
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now