
SSL and Citrix Web Interface on ?


nam1974

Hi,

I have set up Citrix server MFXP FR3 to use Web Interface. I have the following issue at present:

1) The SSL cert is registered from Thawte in the form FQDN.com. The fully qualified domain name contains our external public domain name; this differs from our internal public domain name. For internal clients to resolve the FQDN an LMHOSTS file is needed, but this is messy. If I create an A record on our internal DNS, this will only allow me to create an alias name that will still use our internal parent domain name and not the FQDN.

Maybe I have missed something; can anyone please advise?

Thanks in advance
 
For a cert to work, it must be the FQDN that is used to access the website. If you have 2 names you must have 2 certs.
 
Hi,

Well, I thought when a new cert is issued from Thawte, VeriSign etc., it just needs to be a valid registered domain name. When I created one from Thawte I used citrix.companydomainname.com, where companydomainname is our public name; this is different from our internal domain name. Surely anyone who registers a cert with VeriSign, Thawte etc. does not ask for their internal domain name to be registered and made public?

 
The name does not need to be made public. This is just a cert. Certs are tied to a name, not an IP address. You cannot have a cert issued to and have that certificate issued to a user accessing that system with access.internalsite.com.

You do have options though. You can use the Citrix Secure GW system to handle external systems and use a Cert with the external name. This cert could be tied to server1.externalname.com. The internal user or users that access the internal name don't use the secure GW to access the system. No cert required. You could also make everyone access the system via the GW. It all depends on what you are trying to secure.
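
The name check the replies describe, as an added example that is not part of the original thread: it takes a certificate dict shaped like the one Python's `ssl.getpeercert()` returns and reports which of the hostnames clients type would pass name validation. The internal name `citrix.internaldomain.example` and the address `192.0.2.10` are constructed placeholders, and the wildcard and subjectAltName handling goes beyond the single-name case discussed above.

```python
import ipaddress

def name_matches(cert_name: str, host: str) -> bool:
    """Compare one certificate DNS name with the host the client typed.
    Case-insensitive; '*' may only stand for the whole left-most label."""
    cert_labels = cert_name.lower().rstrip(".").split(".")
    host_labels = host.lower().rstrip(".").split(".")
    if len(cert_labels) != len(host_labels) or cert_labels[1:] != host_labels[1:]:
        return False
    if cert_labels[0] == "*":
        # A wildcard covers exactly one non-empty label and needs two fixed labels after it.
        return len(cert_labels) >= 3 and host_labels[0] != ""
    return cert_labels[0] == host_labels[0]

def cert_dns_names(cert: dict) -> list:
    """DNS subjectAltName entries, or the subject commonName when there are none."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit(cert: dict, hosts: list) -> dict:
    """Map each hostname to True if the certificate's DNS names cover it.
    An IP literal never matches a DNS name in the certificate."""
    names = cert_dns_names(cert)
    return {h: (not is_ip(h)) and any(name_matches(n, h) for n in names) for h in hosts}

# Constructed sample data modelled on the thread: a cert issued for the external name only.
EXTERNAL_CERT = {"subject": ((("commonName", "citrix.companydomainname.com"),),)}
CLIENT_HOSTS = [
    "citrix.companydomainname.com",   # external FQDN the cert was issued for
    "citrix.internaldomain.example",  # hypothetical internal name
    "192.0.2.10",                     # hypothetical address typed instead of a name
]

if __name__ == "__main__":
    for host, ok in audit(EXTERNAL_CERT, CLIENT_HOSTS).items():
        print(f"{host:32} {'name matches' if ok else 'name mismatch'}")
```
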
 