Solved

AD SSL Certificate

Posted on 2013-06-02
5
237 Views
Last Modified: 2013-08-12
Hi,

We have a SSL certificate for server authenticate for Citrix. I need to replace the old one with a new one. I have renewed it but not sure how to get the new one installed, in the personal store. Please find the figure attached.
Capture.JPG
0
Comment
Question by:ajoyrajan
5 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39215352
Are you running NFuse?  There is a difference between personal store and computer store..  When you run the MMC to add in the computer certificates, you will probably want to use computer store and not personal store to manage certificates..  If it is part of NFuse, you will probably need to add the cert to IIS as well..  It has been a long time since I played with Citrix, so I am not sure about publishing the certs, but that may need to be looked at too.

HTH,

Kent
0
 
LVL 1

Author Comment

by:ajoyrajan
ID: 39215358
it is not NFuse. It is just used for some users outside the organization to change their password over the internet.
0
 
LVL 15

Expert Comment

by:jerseysam
ID: 39215522
0
 
LVL 1

Author Comment

by:ajoyrajan
ID: 39218080
it is not on a IIS. There is no IIS installed on the DC.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 39223498
I think kdyer is on the right track, here is something specific for you to do:

1. Use the "Run as Administrator" option to open a cmd box
2. cd into the directory where your certificate is saved
3. certutil -addstore my FILENAME.CER
   (replace FILENAME.CER with your certificate's filename.  note: 'my' is the actual term to use - it is not meant as a variable in this case)

4. certutil -dump FILENAME.CER | findstr /i /c:"serial"
5. Copy the value of the serial number from the output
6. certutil -repairstore my SERIAL_NUMBER
    (paste the serial number in place of SERIAL_NUMBER)

Check to see if you can find it now.  This will put the certificate in the machine context of the Personal ("my") store.  If you do it via GUI there is a decent chance you put it in the user context of the Personal store, which is the personal store that kdyer was trying to explain about.  The second part will re-associate the private key with the certificate - this may be an unnecessary step, but it frequently fixes issues where a certificate is not showing up & it doesn't hurt anything to do it anyways, so I recommend just doing it anyways.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now