[THIN] Re: Question about Citrix Secure Gateway 2.0 and certi ficates...

• From: "Jim Hathaway" <JimH@xxxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Thu, 5 Jun 2003 14:43:43 -0700

One of our local Citrix SE's (Rick D.) has been reccomending, (and I can
see why) Geotrust. You can get your certs in 15 minutes, and the price
is pretty darn low when compared w/ thawte and verisign.=20


geotrust - 2 year cert - $261.00 (128bit)

https://products.geotrust.com/ssl/quickssl.do
=20

thawte - 2 year cert - $349.00 (128bit)

http://www.thawte.com/buy.html

verisign - 2 year cert (128bit) - $598.00=20

http://www.verisign.com/products/site/secure/index.html


Geotrust shows up as Equisys under the list of trusted authorities for
IE.=20

J



-----Original Message-----
From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx]=20
Sent: Thursday, June 05, 2003 2:25 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi
ficates...


Thawte, Verisign

Ron Oglesby
Senior Technical Architect
=3D20
RapidApp
Office 312.372.7188
Mobile 815.325.7618
email roglesby@xxxxxxxxxxxx
=3D20

-----Original Message-----
From: Schaefer, Jay [mailto:JSchaefer@xxxxxxxxxxxxxxxxxx]=3D20
Sent: Thursday, June 05, 2003 4:06 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi
ficates...

I'm curious which 3rd party certs people are using?  I'm using trial
certs from verisign now and things are going well, but I've heard the
others are cheaper for the same cert type. =3D20

Jay

-----Original Message-----
From: Stansel, Paul [mailto:Paul.Stansel@xxxxxxxxxxxxx]
Sent: Thursday, June 05, 2003 12:01 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi
ficates...


That's the way we do it, and it is a major pain.  Different OSes handle
the installation of a trusted root CA differently, and it causes
problems every time a new user is added.  It is also a pain if they go
to, say, an internet cafe where the PCs are so locked down that they
don't have the right to add the cert.  On the plus side, we did save (a
little) money.

-Paul

> ----------
> From:         Jim Hathaway[SMTP:JimH@xxxxxxxxxxxxxxx]
> Reply To:     thin@xxxxxxxxxxxxx
> Sent:         Thursday, June 05, 2003 12:58 PM
> To:   thin@xxxxxxxxxxxxx
> Subject:      [THIN] Re: Question about Citrix Secure Gateway 2.0 and
> certificates...
>=3D20
> Matt,=3D3D20
>=3D20
> The only way to do this with custom certificates (say from an MS cert
> server) is by getting the connecting client's to trust the MS cert =20
>authority. You can make that available via another webpage, or e-mail
it
> to your users for installation on the machines they'll need to connect

> with. But there is no way nativly within the 2.0 model of CSG to allow

> client's to 'automaticly trust' a custom cert provider, it's more of
an
> MS issue than anything else.=3D3D20
>=3D20
> 3rd party certs, from verisign, geotrust, thawte . . Etc. Do make this

>whole process a great deal easier, but if your company can't afford to

>cough up $600.00 or so for 2 web certs, than you'll have to go through

>the pain of getting all remote client's to trust your MS based cert =20
>server. =3D20
> It is doable . . But it's also rather annoying. On the plus side
though,
> once setup, there is some extra security with private certs in that
any
> remote connection that does not trust your Cert provider can't connect

>to the farm remotely. Where as with 3rd party certs, all that's needed

>generally for a remote connection is a user name and password.=3D3D20 =
=3D20
> HTH
>=3D20
> J
>=3D20
> -----Original Message-----
> From: Matt McComas [mailto:Matt.McComas@xxxxxxxxxxxxxx]=3D3D20
> Sent: Thursday, June 05, 2003 9:31 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Question about Citrix Secure Gateway 2.0 and
> certificates...
>=3D20
>=3D20
> Is there a way to automatically download a custom certificate using
> Citrix Secure Gateway 2.0 for access to a Metaframe XP farm?  The
> documentation suggests that the only solution is to manually install
the
> certificate. Surely there must be a way to automate this process.=20
> (You'll have to forgive me...I'm kind of new to certificate services.)

> If someone could point me to a resource other than the CSG=20
> Administrator's Guide and Microsoft's explanation, that would be
great.
> Would this whole process be easier if we used a third party
certificate
> authority?? Thanks!!!
>=3D20
> Matt
>=3D20
>=3D20
> ********************************************************
> This Week's Sponsor - Appsense Technologies
> New! AppSense Optimizer is a new product from AppSense=3D3D20  =
designed=20
>to increase the user capacity of your servers.=3D3D20 =20
>http://www.appsense.com/
> **********************************************************
> Useful Thin Client Computing Links are available at: =20
>http://thethin.net/links.cfm =3D20
> For Archives, to Unsubscribe, Subscribe or=3D3D20
> set Digest or Vacation mode use the below link:
> http://thethin.net/citrixlist.cfm
> ********************************************************
> This Week's Sponsor - Appsense Technologies
> New! AppSense Optimizer is a new product from AppSense=3D20
> designed to increase the user capacity of your servers.=3D20
> http://www.appsense.com/
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thethin.net/links.cfm
>=3D20
> For Archives, to Unsubscribe, Subscribe or=3D20
> set Digest or Vacation mode use the below link:
> http://thethin.net/citrixlist.cfm
>=3D20
********************************************************
This Week's Sponsor - Appsense Technologies
New! AppSense Optimizer is a new product from AppSense=3D20 designed to
increase the user capacity of your servers.=3D20 =
http://www.appsense.com/
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Appsense Technologies
New! AppSense Optimizer is a new product from AppSense=3D20 designed to
increase the user capacity of your servers.=3D20 =
http://www.appsense.com/
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Appsense Technologies
New! AppSense Optimizer is a new product from AppSense=20
designed to increase the user capacity of your servers.=20
http://www.appsense.com/
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Appsense Technologies
New! AppSense Optimizer is a new product from AppSense 
designed to increase the user capacity of your servers. 
http://www.appsense.com/
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

Other related posts:

• » [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi ficates...
• » [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi ficates...
• » [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi ficates...
• » [THIN] Re: Question about Citrix Secure Gateway 2.0 and certi ficates...

1. Home
2. thin
3. Archive
4. 06-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---