INSTALL SSL CERTIFICATE USING CITRIX NETSCALER VPX:
CITRIX NETSCALER VPX: CREATE CSR AND INSTALL SSL CERTIFICATE
FIRST, YOU MUST DOWNLOAD YOUR COMBINED SSL AND INTERMEDIATE CERTIFICATE .pem FILE:
1. Access your COMODO Management account by logging in.
2. From the SSL Certificates option, view the certificates on the menu, and Click the order number that corresponds to your SSL Certificate.
3. Then, once on the Mange Your Certificate Order window locate Server Certificate and Select the Download as .zip option.
4. Next, be sure to save your SSL as the newly merged .pem file to your Citrix NetScaler VPX.
HOW TO INSTALL YOUR SSL CERTIFICATE
1. First, access your NetScaler device by logging in.
2. From the main menu, Select Configuration, and choose Traffic Management and Select SSL.
3. Once on the SSL window, locate Tools, and Select Manage Certificates/Keys/CSRs.
4. Next, Select Upload and choose your SSL Certificate .pem file.
5. Go back to the Configuration option from the main menu, and choose Traffic Management. Then, Click SSL and choose Certificates.
6. From the SSL Certificates window, Select Install. Then, you will be prompted to the Install Certificate screen where you will type in the necessary information:
CERTIFICATE-KEY PAIR NAME: This is the name you create for your certificate.
CERTIFICATE FILE NAME: Select browse, and choose Appliance. Then, press Browse to locate your SSL Certificate file. Then, choose Select and press Open.
KEY FILE NAME: From the Browse menu, Click Appliance. Then, choose Browse to click your RSA key file. Then, press Select and choose Open.
CERTIFICATE FORMAT: For this purpose, choose PEM.
PASSWORD: Type in your CSR password you made.
CERTIFICATE BUNDLE: Be sure to select this option. If you do not have a Certificate bundle, you can complete the SSL installation process. Then, you can create one.
NOTIFY WHEN EXPIRES: Be sure to Click Enabled to be contacted before your certificate expires.
NOTIFICATION PERIOD: Type in timeframe you would like to be notified prior to your certificate expiring.
7. Next, Select Create and then Close the window.
8. Go back to the SSL Certificates window (Reminder how to get there: Select traffic management from the NetScaler page, click SSL, then SSL Certificates). Then, you will notice that your SSL and Intermediate Certificates have been included under the certificates menu. You will recognize this by seeing your SSL Certificate listed as the name you created, and the Intermediate Certificate is the same name but with _lc1 added to the end. However, if you do not have the Certificate Bundle you will one see your SSL Certificate you can get one later but do so before binding your SSL to a virtual server.
HOW TO VERIFY THE SSL AND INTERMEDIATE CERTIFICATES ARE LIINKED:
1. Go to the NetScaler page, click Traffic Management, choose SSL, then, SSL Certificates. Then, Click your SSL Certificate.
2. Then, from the Actions menu Click Cert Links. From the SSL Certificate Link screen you will see your CA Certificate Name with _ic1 at the end. The SSL Certificate will be shown under the name you gave it.
HOW TO BIND YOUR SSL CERTIFICATE TO A VIRTUAL SERVER:
1. Go back to the NetScaler page, Click Configuration, locate and choose NetScaler Gateway. Then, Select Virtual Servers.
2. From the NetScaler Gateway Virtual Servers window, Click the virtual server you want to use to bind to your certificate and Select Open.
3. Then, from the Configure NetScaler Gateway Virtual Server page, Select Certificates, and under Available Click your SSL Certificate. Then, Select Add.
4. Next, locate the Configured section and remove your old certificate from the virtual server by clicking your old certificate and Selecting Remove.
5. Select OK.
6. From the NetScaler Gateway Virtual Servers window, Select the Save icon on the top right of the screen.
7. Lastly, you have now installed and configured your SSL Certificate.
CITRIX NETSCALER VPX: CREATE CSR AND INSTALL SSL CERTIFICATE
Back To Guides