Packt+ | Advance your knowledge in tech

You're reading from Getting Started with XenDesktop 7.x Deliver desktops and applications to your end users, anywhere, anytime, with XenDesktop 7.x.

Product type Paperback

Published in Apr 2014

Publisher Packt

ISBN-13 9781849689762

Length 422 pages

Edition Edition

Tools

Citrix XenDesktop

Concepts

Cloud Computing

Author (1):

Craig Thomas Ellrod

View More author details

Table of Contents (27) Chapters

Getting Started with XenDesktop 7.x

Credits

Notice

About the Author

About the Reviewers

www.PacktPub.com

Preface

1. Designing a XenDesktop Site FREE CHAPTER

2. Installing XenDesktop

3. Managing Machine Catalogs, Hosts, and Personal vDisks

4. Managing Delivery Groups

5. Managing Policies

6. Managing Printing

7. Virtualizing USB Support

8. Virtualizing Storage and Backup

9. High Definition Experience (HDX)

10. Application Delivery

11. Working with the XenDesktop SDK

12. Working with Citrix ReceiverTM and Plugins

13. Securing XenDesktop

14. Managing and Monitoring XenDesktop

15. VDI in the Cloud

Creating a Domain Certificate Authority

XenDesktop Policy Settings Reference

Creating Self-signed Certificates for NetScaler Gateway

Using Public CA-signed SSL Wildcard Certificates on NetScaler Gateway

Index

Testing the NetScaler Gateway^™ connection

Once you have NetScaler Gateway built and configured, you need to test it. For it to work properly, the certificates must be valid. If you remember, we just created the self-signed test certificates. We now need to download these test certificates from NetScaler and import them into our client device.

Testing NetScaler Gateway^™ with a Windows client

One quick way to test if the certificate chain is working on NetScaler is by downloading the root CA certificate, self-signing the public-facing server certificate from NetScaler, and importing these into the client browser. The following steps will guide you through how to test NetScaler Gateway with a Windows client:

Download the test certificate from NetScaler Gateway. You can do this using a secure FTP client such as WinSCP.net.
Download and install WinSCP from http://winscp.net.
Launch WinSCP and log in to NetScaler Gateway through the NetScaler IP Address (NSIP). Navigate to the /nsconfig/ssl directory and copy the .cer, .req, and .key files, as shown in the following screenshot.
Note
You will need the NetScaler username and password to connect.
To launch Microsoft Management Console (MMC) from the Start menu, right-click and then choose Run. Then, enter MMC, as shown in the following screenshot:
Load Certificates snap-in for Computer account, as shown in the following screenshot:
Expand the Trusted Root Certification Authorities tab and select Certificates, as shown in the following screenshot:
Navigate to Action | All Tasks | Import. This launches the Certificate Import Wizard window. Select Local Machine and then click on Next, as shown in the following screenshot:
Browse for the self-signed root CA certificate. Open it and then click on Next, as shown in the following screenshot:
Install it in the Trusted Root Certification Authorities store. Click on Next and then click on Finish, as shown in the following screenshot:
Navigate to Personal | Certificates, as shown in the following screenshot:
Navigate to Action | All Tasks | Import. This launches the Certificate Import Wizard window. Select Local Machine and then click on Next, as shown in the following screenshot:
Browse for the self-signed public server certificate. Open it and then click on Next, as shown in the following screenshot:
Install it in the Personal store. Click on Next and then on Finish, as shown in the following screenshot:
Launch a browser and connect to NetScaler Gateway using the entry that you have placed in the hosts file, for example, ng.xenpipe.com. You should be able to see the Citrix Receiver logon screen without any certificate issues. Select Desktops to launch a virtual desktop. Select Apps to launch a virtual application (you can also launch these apps from your virtual desktop), as shown in the following screenshot.
Note
Keep in mind that the URL that you connect to and the entry in the hosts file must also match the Common Name field in the certificate for it to work. Because we created a wildcard certificate, *.xenpipe.com, the NetScaler Gateway URL, https://ng.xenpipe.com, will work as would any https://<sub-domain>.xenpipe.com.