Secure XML traffic in Xen App 6.5 environment

How do you use port 443 to secure xml traffic for a XenApp 6.5 environment.  The portal will be via Storefront 2.0.  I am not looking to secure the ICA client connect just XML.   Does this mean I need to get an SSL certificates for that one server?  Do I need to setup some Citrix Server policy to reflect XML port 443?  What does that do for the other Session Host servers?  What do I need here?  Looked at some articles, but not sure I understand.
WestCoastboundAsked:
Who is Participating?
 
Tony JConnect With a Mentor Lead Technical ArchitectCommented:
Unfortunately this is something Citrix don't make easy or obvious.

You can't just change the XML service to port 443 and throw in a certificate.

You need to use SSL relay and then configure this to encrypt the XML traffic. And yes, you need certificates.

Info to get started is here: http://support.citrix.com/proddocs/topic/xenapp65-admin/ps-securing-using-ctx-ssl-relay.html
0
 
WestCoastboundAuthor Commented:
I thought you only need SSL relay for securing ICA connections?  I only want to secure xml from Storefront to XML brokers.
0
 
Tony JLead Technical ArchitectCommented:
From the eDocs URL above:

In general, use SSL Relay for SSL/TLS support when you:

•Want to secure communications with servers that host the Citrix XML Service.

To the best of my knowledge this is/always has been the only way to secure XenApp's XML traffic via SSL. Oddly, you can natively secure XenDesktop's XML service and have been able to for some time.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.