RSS 

How To: Request and Upload a Certificate

In this AskSupport How To video you will learn how to Request and Upload a Certificate

Tags: technical support access gateway how to
Views: 1,170
Rating: 5

Transcript : So in this How To video, I’m going to walk you through how to generate a certificate request on an Access Gateway Standard Edition appliance and to send it to your certificate authority to generate the actual certificate. For the purpose of this video, I’m going to use Microsoft Certificate Services to generate that certificate, but the same process could be applied when using a trusted certificate authority. So, the very first step here is, we need to open up our console. So, as you can see, I’m using version 4.6.1 appliance, which is the latest version currently available as of October 2009. So I’m…I have only one appliance in my (inaudible). So, I’m just going to expand it out. So, as you can see here, I have an external FQDN called cag.citrix.com. So, what I need to do, is I need to generate a certificate signing request, which I will then send to my certificate authority. In my case, I have a local server here. So I need to fill in the Access Gateway FQDN. So, as you recall, mine is called cag.citrix.com. The key length, in my case, will be 1024, and I’ll just give it a password. So I’m going to generate that certificate. I will save it to my desktop, and it’ll save it as myserver.csr. And that’s saved. And I’ve just minimized that. Okay. Okay, I actually saved it to My…My Documents. I beg your pardon. So, the next thing I need to do is, I need to go to my certificate authority. I need to request a certificate. Again, this is Microsoft Certificate Services that I’m using. If you’re using a trusted certificate authority, you would e-mail them that certificate request. So I need to do an advanced certificate request. And I’m choosing this option here: Submit a certificate request by using a base 64-encoded CMC, et cetera. So I need to grab the contents of this file, so I’ll just open it up in NotePad. And I will copy the contents and paste. Very important to remove any trailing spaces, okay, so I’ll just go back to here. I need then to choose a certificate template of type Web Server. And that’s about all I need to do there, so I submit that. (I…just in case I didn’t submit it.) The type of certificate I need, again, as…if you recall what I said, it’s a base 64 encoded. So I want to download that certificate, and I will again save it to My Documents. It’s going to be certnew as I name it up. So that’s saved. And then to…to apply to the appliance, I need to go back to my appliance. I go to the administration portion up here, and I have to…I need to upload the certificate, the signed certificate. So in that case, I browse to it. I can see my certificate here. And I, you know, what happens within seconds is that the certificate upgrade is successful. So, that’s done. So just to show that it’s…that the new certificate is actually applied to the server, so I’ve actually closed down my administration tool. And I’m just going to launch it again, and I should be prompted to accept that new certificate now. So let me log back in. And I’m using the root…root admin default password, username password. And as you can see now, it’s actually found the new certificate assigned, and I’m just going to say, yes, I trust the certificate. And that will be the new certificate applied onto that server. And that’s how you apply a…request a new certificate and apply it to your certificate authority. And our console should be back up there now.

Log In