Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 154
  • Last Modified:

Trying to build a Citrix Xenapp 7.6 server but cannot create SITE, building connection to VCenter 5.5 gives me a certificate erroor

I have a Windows 2012r2 VM that we spun up in our VCenter. I went to MYCITRIX.COM and downloaded the XENAPP 7.6 ISO. I began the install and began creating the SITE. I am using a local SQLEXPRESS for our small environment. I did the connection test, allowing it to create its own database. In the next step I worked with Citrix to make sure my licenses were allocated. THEN, I had to select a connection type and I used to dropdown to choose VMware vSphere. I put in the local https:// of our VCENTER. I used my doman admin credentials (not ideal but want to at least get it working) and when i hit NEXT, I get a "Cannot connect to VCenter server due to certificate error. Citrix sent me an article about installing a certificate. I went to our VCenter 5.5 server and browsed to „C:\ProgramData\VMware\VMware VirtualCenter\SSL“ and copied cacert.pem to a folder on my XENAPP server. Then I uploaded the certificate to  "Trusted Root Certificate Authorities". Something still is not right. I still cannot get past the cert error.
certerroor.PNG
0
Thor2923
Asked:
Thor2923
  • 3
  • 2
1 Solution
 
Dirk KotteSECommented:
there are different ways to make the certificate working:
https://www.citrix.com/blogs/2013/12/18/using-the-default-vmware-vcenter-server-certificate-in-xendesktop-pocs/
https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-build-new-enviroment/xad-install-prep-host-vmware.html

... and consider ... you have to add the certificates to the device certificate store and not to user store
0
 
Thor2923Author Commented:
Ok, I had already gone through the top article, but not sure what you mean by adding certificate to device certificate store as apposed to user store? Is that where I select "Computer Account" when I ad Certificates to the snap-in?
0
 
Thor2923Author Commented:
BTW we already have an old XENAPP 6 server that is pointing to the same vcenter. I have been trying to find the equivalent on that server. It was set up years ago by someone else. Do you know if there is a place, such as the Delivery Services Console, where I can look and see how it was set up and which login was used?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Dirk KotteSECommented:
yes, MMC certificate-snapin for "computer account/Local Machine" is the correct place for the certificate...
... as explained at the end from second link:

Import the certificate into the certificate store on each of your Controllers:
    Click Install certificate, select Local Machine, and then click Next.
    Select Place all certificates in the following store, and then click Browse.
    If you are using Windows Server 2008 R2:
        Select the Show physical stores check box.
        Expand Trusted People.
        Select Local Computer.
        Click Next, then click Finish.
    If you are using Windows Server 2012 or Windows Server 2012 R2:
        Select Trusted People, then click OK.
        Click Next, then click Finish.
0
 
Dirk KotteSECommented:
do you need additional help?
0
 
iFixedITCommented:
Thanks Dirk for your answer, this helped an issue I was also having in a Lab environment,
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now