For Access Gateway

Citrix Access Gateway™ is a secure application access solution that provides administrators granular application-level control while empowering users with remote access from anywhere. It gives IT administrators a single point to manage access control and limit actions within sessions based on both user identity and the endpoint device, providing better application security, data protection, and compliance management. Citrix Access Gateway is the first SSL VPN built to deliver both secure virtual desktops and applications.

Citrix Receiver makes going virtual as easy as turning on a TV. Users freely choose any device – it runs on smartphones, laptops, desktops and netbooks – turning any device into a powerful business tool to securely access corporate data anywhere.

When deployed with Citrix Access Gateway, the Citrix Receiver uses Certificates to validate connections and secure data. It is therefore a requirement that a valid Certificate chain of trust be established between the Citrix Access Gateway and the Citrix Receiver.

Purchasing a Server Certificate from a valid third-party such as Verisign, and importing it into the Access Gateway is the best way to do this. However, for proof-of-concepts, you might want to create and use Self Signed Certificates. The Self Signed CA Certificates generated on the NetScaler will not work with the Citrix Receiver, so you must generate Self Signed Certificates using a Windows Server – for proof of concept deployments.

This guide will walk you through creating a Self Signed Certificate for use on the NetScaler AGEE as a Server Certificate, and also the importing of the Windows Certificate Authority Root Certificate.

Deployment Guide

Access Gateway Self-Signed Certificates with Citrix Receiver

Network Diagram






Its Powerful!