Arnie Rosenboom
asked on
Security Certificate Error Xenapp 7.6 Install
Hello, I am trying to install XenAPP/Desk 7.6 on 2012r2 servers in tandem with our current Xenapp 6.5 farm. We already have a license server on a 2008r2 server. When I am installing the 7.6 DCs I put the license server name in the address box and it told me that the cert was out of date. Others on a Citrix forum helped me to figure out where that was at, So I had a new domain certificate made (not from a intermediate) and I backed up the old one and put the newly made one in place, and now the out of date message is gone, but the message now says....
This certificate is not trusted: The security certificate "certname" is not suitable for use in SSL connections. Reason: The maximum length of a certificate chain is 10.
I have tried to figure out how to handle this... After googling this for 8 hours and another post on a citrix forum, I still have not really found anything helpful. Does anyone have any ideas? Thank you.
This certificate is not trusted: The security certificate "certname" is not suitable for use in SSL connections. Reason: The maximum length of a certificate chain is 10.
I have tried to figure out how to handle this... After googling this for 8 hours and another post on a citrix forum, I still have not really found anything helpful. Does anyone have any ideas? Thank you.
What version is the license server you are using? The minimum version needed for XenDesktop 7.6 is 11.12.1. The connection to the license server doesn't use SSL, so I'm not sure why you're seeing that, other than attempting to connect to an old version of the license server.
ASKER
>Who was the issuing authority?
Internal server
>What uses is it listed for?
Not sure if this what you are asking but it says in key usage ... Digital Signature, Key Encipherment
enhanced usage is Server Authentication
> When you look at the properties of the certificate does it show any errors such as private key missing etc?
Under Details tab, I see nothing that sticks out at me.
Internal server
>What uses is it listed for?
Not sure if this what you are asking but it says in key usage ... Digital Signature, Key Encipherment
enhanced usage is Server Authentication
> When you look at the properties of the certificate does it show any errors such as private key missing etc?
Under Details tab, I see nothing that sticks out at me.
From Programs and Features on the License Server, what version of Citrix Licensing does it say you have installed?
ASKER
>What version is the license server you are using? The minimum version needed for XenDesktop 7.6 is 11.12.1.
11.12.1. build 14008
11.12.1. build 14008
Did you upgrade the existing license server or install a new one?
If new, is the firewall disabled on the license server, or are the following ports open?
Console Web Server (default port is 8082)
License Server Manager (default port is 27000)
Simple License Service (default port is 8083)
Vendor Daemon (default port is 7279)
If new, is the firewall disabled on the license server, or are the following ports open?
Console Web Server (default port is 8082)
License Server Manager (default port is 27000)
Simple License Service (default port is 8083)
Vendor Daemon (default port is 7279)
Did you use the following procedure to create the certificate?
http://support.citrix.com/proddocs/topic/licensing-1111/lic-cert-simple-license-service.html?_ga=1.20398264.1862317713.1413407183
When the certificate was created, did you use the Template for Web Server option?
http://support.citrix.com/proddocs/topic/licensing-1111/lic-cert-simple-license-service.html?_ga=1.20398264.1862317713.1413407183
When the certificate was created, did you use the Template for Web Server option?
ASKER
>Did you upgrade the existing license server or install a new one?
Upgrade, I do believe.
> If new, is the firewall disabled on the license server, or are the following ports open?
We turn off firewall by group policy, and I just double checked.
Console Web Server (default port is 8082)
License Server Manager (default port is 27000)
Simple License Service (default port is 8083)
Vendor Daemon (default port is 7279)
Upgrade, I do believe.
> If new, is the firewall disabled on the license server, or are the following ports open?
We turn off firewall by group policy, and I just double checked.
Console Web Server (default port is 8082)
License Server Manager (default port is 27000)
Simple License Service (default port is 8083)
Vendor Daemon (default port is 7279)
ASKER
>Did you use the following procedure to create the certificate?
>http://support.citrix.com/proddocs/topic/licensing-1111/lic-cert-simple-license-service.html?>_ga=1.20398264.186231771
> When the certificate was created, did you use the Template for Web Server option?
I didn't create it, my boss did, but I do know he used the above article... I am going to ask him
now if he used the Template for Web Server option....
Thank you for all your suggestions so far....
>http://support.citrix.com/proddocs/topic/licensing-1111/lic-cert-simple-license-service.html?>_ga=1.20398264.186231771
> When the certificate was created, did you use the Template for Web Server option?
I didn't create it, my boss did, but I do know he used the above article... I am going to ask him
now if he used the Template for Web Server option....
Thank you for all your suggestions so far....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've requested that this question be deleted for the following reason:
No reasonable solution.
No reasonable solution.
ASKER
None at this time
What uses is it listed for?
When you look at the properties of the certificate does it show any errors such as private key missing etc?