Creating a public-facing server certificate
Next, you will create a public-facing server certificate and have it signed (self-signed, that is) by the root CA certificate that you created in the previous section. To create a public-facing server certificate, perform the following steps:
Navigate to Traffic Management | SSL. Under SSL Keys, select the Create RSA Key option, as shown in the following screenshot:
First, create the RSA key: enter values for Key Filename and Key Size (bits), set Public Exponent Value to F4 and Key Format to PEM, and then click on OK, as shown in the following screenshot:
Under Tools, select Create CSR (Certificate Signing Request). Enter a value in Request File Name and, in Key Filename, the name of the key that you created in the previous step. Choose PEM as Certificate Format, create a password, and enter the values in the Distinguished Name Fields section. Then, click on OK, as shown in the following screenshot.
Note
Common Name must match the Fully Qualified Domain Name that is used to access the site; for example, ng.xenpipe.com is what we will use to connect to NetScaler Gateway. In this example, we create a wildcard certificate that will work across all the subdomains; hence, you see *.xenpipe.com in the Common Name field. If you don't do this, the certificate will not work.
Next, we create the server certificate. Under SSL Certificates, select Create Certificate. Enter a name in Certificate File Name and select Server. Enter the Certificate Request File Name, choose PEM as Certificate Format, and enter the Validity Period (Number of Days). Enter a name in CA Certificate File Name, choose PEM as CA Certificate File format, and enter a name in the CA Key File Name field. Enter the passphrase and select the serial number file from the appliance named ns-root.srl. These fields are provided so that the root CA that you have created earlier can sign and trust this server certificate. Fill them out and click on OK, as shown in the following screenshot. The ns-root.srl serial number file resides on NetScaler.
Note
This is where we create the public-facing server certificate and simultaneously sign it (self-signed, that is) with the root CA certificate.
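To check the result off the appliance, the same three steps (key, CSR, CA-signed certificate) can be reproduced with OpenSSL on a workstation. This is an added example, not part of the original text or NetScaler's own tooling: the file names and the stand-in root CA are constructed, and root.srl plays the role of ns-root.srl. It also shows how far the wildcard reaches: *.xenpipe.com covers ng.xenpipe.com, but not xenpipe.com itself or names two labels deep.

```shell
#!/usr/bin/env bash
# Added example: OpenSSL equivalent of the GUI steps above.
# All file names are constructed; keys are left unencrypted so the run is
# non-interactive.

make_chain() {   # $1 = empty working directory
  ( cd "$1" || exit 1
    # Stand-in for the root CA from the previous section (constructed).
    openssl req -x509 -newkey rsa:2048 -nodes -keyout root.key -out root.pem \
      -subj "/CN=Example Root CA" -days 3650 2>/dev/null || exit 1
    # Step 1: RSA key, 2048 bits, public exponent F4 (65537), PEM format.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
      -pkeyopt rsa_keygen_pubexp:65537 -out server.key 2>/dev/null || exit 1
    # Step 2: CSR carrying the wildcard Common Name from the Note.
    openssl req -new -key server.key -out server.csr \
      -subj "/C=US/O=Example/CN=*.xenpipe.com" || exit 1
    # Step 3: sign the CSR with the root CA; root.srl tracks issued serials.
    openssl x509 -req -in server.csr -CA root.pem -CAkey root.key \
      -CAserial root.srl -CAcreateserial -days 365 -out server.pem 2>/dev/null
  )
}

chains_to_root() {   # $1 = dir; succeeds if server.pem verifies against root.pem
  openssl verify -CAfile "$1/root.pem" "$1/server.pem" >/dev/null 2>&1
}

covers_host() {      # $1 = dir, $2 = hostname; succeeds if the cert name matches
  openssl x509 -in "$1/server.pem" -noout -checkhost "$2" 2>&1 |
    grep -q "does match certificate"
}

# Demo run: build the chain, verify it, and probe three hostnames.
demo_dir=$(mktemp -d)
if make_chain "$demo_dir" && chains_to_root "$demo_dir"; then
  for h in ng.xenpipe.com xenpipe.com a.ng.xenpipe.com; do
    if covers_host "$demo_dir" "$h"; then echo "$h: covered"
    else echo "$h: NOT covered"; fi
  done
fi
rm -rf "$demo_dir"
```

Clients that do not already trust the root CA will still reject this certificate; importing root.pem into their trust store is what makes the chain verify.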