Citrix Access Gateway (CAG) is secure application access that gives IT admin granular application-level control and empowers users to access internet resources in the remote environment. It provides better management of risk and security.
To make the secure transaction between users and endpoint devices, SSL plays a major role as it encrypts and secures the information from spying eyes.
To get an SSL certificate, you must have to create a certificate signing request on Citrix Access Gateway 5.0. If you haven’t generated your CSR and certificate yet, follow the simple steps through our guide.
- Create a certificate signing request on Citrix Access Gateway 5.0.
- Citrix Gateway 5.0 SSL Installation
- Activating the SSL Server Certificate
1. Create a certificate signing request on Citrix Access Gateway 5.0.
-
- Go to Citrix Access Gateway Management Console and click on Certificates.
- Click on New button on the ride side panel.
- Certificate Signing Request tab will appear, where you should enter the company’s information in required CSR fields.
- Enter the details:
- Key Size: Keep the Key length of CSR at least 2048 bits.
- Common Name: The FQDN (fully qualified domain name) looks like “www.yoursite.com” or “yoursite.com” that you type in the browser.
- Email Address: Provide an email address for the contact person on behalf of a company.
- Description: Write Certificate Signing Request.
- Company name: Type the legal name of a company or organization.
- Department: The department name of an organization unit that has made the request.
- City: The name of the city where the organization is situated.
- State or Province: The name of state or province in which organization is located.
- Country Code: Use first two letter of the country name, for example, US.
- Now, click on save button. You will have a dialogue box that contains your CSR content.
- Forward the CSR to your corresponding CA for process of certificate generation.
2. Citrix Gateway 5.0 SSL Installation:
After your CA validates your request and sings the SSL Certificate, it will send all the SSL files to your inbox. You have to download the ZIP archive containing the files and extract the root and intermediate certificates.
Also you need a private key.Private key will reside on the same platform where you created the CSR and it will be hidden.
Steps:
- In the Access Gateway Management Console, click the Certificates
- On the right side, click the Import button and choose a server (.pem) to import your root SSL certificate.
- In Select file to upload locate your rootssl.pem file and click Open
- Now, it’s time to install the intermediate certificate. Open your intermediate certificate from the ZIP Archive and save it as intemediatessl.pem file
- Return to the Access Gateway Console and click on Certificates
- On the right side, click the Import button and select Trusted (.pem) file
- Next, browse your intermideatessl.pem or crt file and click Open.
- After you upload both SSL files, you have to link your intermediate certificate to the primary one
- Go to Access Gateway Console and click Certificates
- On the right side navigate to the Add to Chain button and click it
- A dialog box will appear. Select a certificate and click Add for an individual certificate
- Once you complete the chain of the certificate, click Close.
3. Activating the SSL Server Certificate
- In the Access Gateway Management Console, click the Certificates tab.
- In the Certificates tab, choose the certificate you’d like to activate and then click Make Active.
- A green checkmark should indicate successful activation.
We hope this article helped you with this easy process. If you are unable to use these instructions, Acmetek recommends that you contact either the vendor of your software or the hosting organization that supports it.