Secure XML traffic in Xen App 6.5 environment

How do you use port 443 to secure xml traffic for a XenApp 6.5 environment.  The portal will be via Storefront 2.0.  I am not looking to secure the ICA client connect just XML.   Does this mean I need to get an SSL certificates for that one server?  Do I need to setup some Citrix Server policy to reflect XML port 443?  What does that do for the other Session Host servers?  What do I need here?  Looked at some articles, but not sure I understand.
Who is Participating?
Tony JConnect With a Mentor Lead Technical ArchitectCommented:
Unfortunately this is something Citrix don't make easy or obvious.

You can't just change the XML service to port 443 and throw in a certificate.

You need to use SSL relay and then configure this to encrypt the XML traffic. And yes, you need certificates.

Info to get started is here:
WestCoastboundAuthor Commented:
I thought you only need SSL relay for securing ICA connections?  I only want to secure xml from Storefront to XML brokers.
Tony JLead Technical ArchitectCommented:
From the eDocs URL above:

In general, use SSL Relay for SSL/TLS support when you:

•Want to secure communications with servers that host the Citrix XML Service.

To the best of my knowledge this is/always has been the only way to secure XenApp's XML traffic via SSL. Oddly, you can natively secure XenDesktop's XML service and have been able to for some time.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.