Appendix C. Creating Self-signed Certificates for NetScaler Gateway™
The easiest and most inexpensive way to test a NetScaler Gateway SSL function is to create a self-signed Certificate Authority (CA) root certificate and a public-facing server certificate. In this Appendix, using the tools in NetScaler, you will use a self-signed root certificate to sign the public-facing server certificate. You can then import these root and public-facing server certificates' chain of trust into the client's browser for testing.
Note
Keep in mind that self-signed certificates are only good for a Proof of Concept lab or testing. Self-signed certificates are not widely trusted by your client's browsers. When you move to production, make sure that you purchase a valid signed certificate.
To remain flexible in our deployment, we will also use a wildcard certificate, for example *.xenpipe.com, so that we can create and use different subdomains (for example, ng.xenpipe.com) and still have our certificates work.
