Solved

AD SSL Certificate

Posted on 2013-06-02
5
240 Views
Last Modified: 2013-08-12
Hi,

We have a SSL certificate for server authenticate for Citrix. I need to replace the old one with a new one. I have renewed it but not sure how to get the new one installed, in the personal store. Please find the figure attached.
Capture.JPG
0
Comment
Question by:ajoyrajan
5 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
ID: 39215352
Are you running NFuse?  There is a difference between personal store and computer store..  When you run the MMC to add in the computer certificates, you will probably want to use computer store and not personal store to manage certificates..  If it is part of NFuse, you will probably need to add the cert to IIS as well..  It has been a long time since I played with Citrix, so I am not sure about publishing the certs, but that may need to be looked at too.

HTH,

Kent
0
 
LVL 1

Author Comment

by:ajoyrajan
ID: 39215358
it is not NFuse. It is just used for some users outside the organization to change their password over the internet.
0
 
LVL 15

Expert Comment

by:jerseysam
ID: 39215522
0
 
LVL 1

Author Comment

by:ajoyrajan
ID: 39218080
it is not on a IIS. There is no IIS installed on the DC.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 39223498
I think kdyer is on the right track, here is something specific for you to do:

1. Use the "Run as Administrator" option to open a cmd box
2. cd into the directory where your certificate is saved
3. certutil -addstore my FILENAME.CER
   (replace FILENAME.CER with your certificate's filename.  note: 'my' is the actual term to use - it is not meant as a variable in this case)

4. certutil -dump FILENAME.CER | findstr /i /c:"serial"
5. Copy the value of the serial number from the output
6. certutil -repairstore my SERIAL_NUMBER
    (paste the serial number in place of SERIAL_NUMBER)

Check to see if you can find it now.  This will put the certificate in the machine context of the Personal ("my") store.  If you do it via GUI there is a decent chance you put it in the user context of the Personal store, which is the personal store that kdyer was trying to explain about.  The second part will re-associate the private key with the certificate - this may be an unnecessary step, but it frequently fixes issues where a certificate is not showing up & it doesn't hurt anything to do it anyways, so I recommend just doing it anyways.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've all had that page pop up telling us there is a problem with the certificate and some of us continue on anyways and others run away to a safer competing site.  But what to do when you get the error - is it your problem or theirs?  What can you …
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question