Enabling SSL
Enabling SSL communication security on Citrix Access Gateway
To enable the SSL facility on Citrix Access Gateway, an SSL (Digi-SSL™) certificate is required.
Digi-SSL™ certificate can be obtained directly from Digi-Sign and requires a CSR (Certificate Signing Request) code.
A CSR is a file/string containing your certificate application information, including your Public Key, Company Name and the Common Name (mostly FQDN - Fully Qualified Domain Name host name).
Generate your CSR and then copy and paste the contents of the CSR file into the Digi-Sign Digi-SSL™ web application form:
-
https://www.digi-sign.com/order/digi-ssl/
or send the CSR via email to your account manager in Digi-Sign.
Overview of the Certificate Signing Request
Before you can upload a certificate to the Access Gateway, you need to generate a Certificate Signing Request (CSR) and private key. The CSR is created using the Certificate Request Generator included in the Administration Tool. The Certificate Request Generator is a wizard that creates a .csr file. When the file is created, it is emailed to the Certificate Authority (Digi-Sign) for signing or you can paste it into online enrolment form. The Certificate Authority (Digi-Sign) signs the certificate and returns it to you at the email address you provided. When it is received, you can install it on the Access Gateway.
To provide secure communications using SSL/TLS, a server certificate is required on the Access Gateway. The steps required to obtain and install a server certificate on the Access Gateway are as follows: