This document provides installation instructions for Citrix Access Gateway 5.0. If you are unable to use these instructions for your server, Symantec recommends that you contact the server vendor or the organization, which supports Citrix.
Step 1: Obtain and install the SSL Certificate
- Once your Managed PKI for SSL administrator has approved your Certificate request, you will receive an email with
the Certificate attached (cert.cer), as well as in the body of the email itself.
- Copy the certificate, imbedded in the body of the email and paste it into a text file using Vi or Notepad.
NOTE: Do not use Microsoft Word or other word processing programs that may add characters.
Confirm that there are no extra lines or spaces in the file.
The text file should look like:
NOTE: To download the certificate from your Managed PKI for SSL subscriber services page, see solution SO6621
Please select X.509 as a certificate format and copy only the End Entity Certificate.
- Save the certificate as public.txt
Step 2: Download and install the Intermediate CA Certificate
Download the Intermediate CA certificate from this link: INFO657
Click on Managed PKI for SSL tab
, click on the appropriate link for your SSL Certificate.
For example, if you are installing a Premium SSL Certificate, click the Premium Intermediate CA Certificate link.
If you are not sure which certificate you have purchased, follow the steps from this link: SO22021
Copy the Intermediate CA certificate and paste it on a Notepad.
Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
Save ther file as Intermediate.pem
In the Access Gateway Management Console, click Certificates.
Click Import and then select Trusted (.pem).
In Select file to upload, navigate to the Intermediate.pem file and then click Open.
NOTE: When you install an intermediate certificate on Access Gateway, you do not need to specify the private key or a password.
After the certificate is installed on the appliance, the certificate needs to be linked to the server certificate.
Step 3: Link an Intermediate CA certificates to a SSL server certificate
- In the Access Gateway Management Console, click Certificates.
- In the Certificates table, select the server certificate to which you want to link an intermediate certificate and then click Add to Chain.
- In the dialog box that opens, select a certificate and then click Add for each certificate that you want to add to the chain.
- When you are finished building the certificate chain, click Close.
For more information refer to Citrix Access Gateway appliance 5.0 product documentation