[THIN] Re: CSG help
- From: Jeff Pitsch <jepitsch@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 3 Jun 2005 11:58:25 -0400
What matters is not the server name but how clients resolve the name.
For example, my server name and internal suffix can be jeff.pitsch.com
BUT, if externally, I access the server as www.sbcgatekeeper.com, THAT
is the name the cert must be. The clients must be able to resolve the
external name also, not the internal name.
Jeff Pitsch
On 6/3/05, Jonathan Kadoo <jkadoo@xxxxxxxxxxxxxx> wrote:
>
>
>
>
> Thanks for the tip, I triple checked and it is on port 444. I don't know if
> this makes a difference but this server is sitting in my dmz. What I have
> done is setup the machine with the servername and then setup the primary dns
> suffix to be my domain name. This matches the certificate.
>
> Jonathan
>
> -----Original Message-----
>
> From: thin-bounce@xxxxxxxxxxxxx [
> mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Pitsch
>
> Sent: Friday, June 03, 2005 10:49 AM
>
> To: thin@xxxxxxxxxxxxx
>
> Subject: [THIN] Re: CSG help
>
> Also make sure, if IIS is installed, that IIS is not sharing the port 443.
> Change it to 444 or something.
>
> Jeff Pitsch
>
> On 6/3/05, Jeff Pitsch <jepitsch@xxxxxxxxx> wrote:
>
> > The cert name has to match the FQDN of how you resolve the name of the
>
> > CSG server. If you access the server as csg.company.com then the
>
> > cert name has to be that. Your client also has to be able to fully
>
> > resolve the FQDN of the CSG.
>
> >
>
> > Jeff Pitsch
>
> >
>
> > On 6/3/05, Jonathan Kadoo <jkadoo@xxxxxxxxxxxxxx> wrote:
>
> > >
>
> > > Sorry test cert is an internally generated cert. I did install the
>
> > > root cert on the client workstation. Still no go. I need to do a
>
> > > proof of concept for management before I go ahead with and purchase
>
> > > a real certificate. In the end though the test cert may not be the
>
> > > issue. I am just not sure where else to look.
>
> > >
>
> > > Jonathan
>
> > > ________________________________
>
> > > From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx]
>
> > > On Behalf Of Parker, Dennis
>
> > > Sent: Friday, June 03, 2005 9:56 AM
>
> > > To: 'thin@xxxxxxxxxxxxx'
>
> > > Subject: [THIN] Re: CSG help
>
> > >
>
> > >
>
> > > Define test cert.
>
> > >
>
> > > I had this set up using an internally generated cert (test cert),
>
> > > but needed to install the Root cert from the publisher of the
>
> > > internally generated cert (test cert) on the workstation that is
> attempting the connection.
>
> > >
>
> > > Hope this helps...
>
> > >
>
> > >
>
> > >
>
> > > Dennis Parker, MCSE, CCA
>
> > > Systems Administration, Manager
>
> > > Fiserv EFT
>
> > > 4550 SW Macadam Ave, Ste 100
>
> > > Portland, Or. 97239
>
> > >
>
> > > This e-mail is confidential and may well be legally privileged. If
>
> > > you have received it in error, you are on notice of its status.
>
> > > Please notify us immediately by reply e-mail and then delete this
> message from your system.
>
> > > Please do not copy it or use it for any purposes, or disclose its
>
> > > contents to any other person. To do so could violate state and Federal
> privacy laws.
>
> > > Thank you for your cooperation. Please contact me if you need
> assistance.
>
> > >
>
> > > ________________________________
>
> > > From: Jonathan Kadoo [mailto:jkadoo@xxxxxxxxxxxxxx]
>
>
> > > Sent: Friday, June 03, 2005 6:51 AM
>
> > > To: Thinlist
>
> > > Subject: [THIN] CSG help
>
> > >
>
> > >
>
> > > Hey there everyone, hope someone can help me. I am in the process
>
> > > of testing my CSG implementation. In our DMZ there is a W2k3 CSG +
>
> > > WI box connecting to a W2k MPS + STA server over ssl. There is a
>
> > > test cert on the CSG box. When I try connecting from the outside, I
>
> > > get the list of published apps but when I click on one to connect an
>
> > > error pops up that says "Cannot connect to the Citrix Metaframe
>
> > > server. A network error occurred (SSL error 4)"
>
> > >
>
> > > The logs on the STA indicate that a ticket was successfully issued.
>
> > > In the CSG console I can see my client connect. Searched on google
>
> > > but nothing helpful came up. Is it because I am using a test cert
>
> > > that this problem is occurring? Has anyone got this to work using a
>
> > > test certificate? Any help would be greatly appreciated.
>
> > >
>
> > > thanks
>
> > >
>
> > > Jonathan
>
> >
>
> ********************************************************
>
> This Weeks Sponsor: ThinPrint GmbH
>
> Now available: The new version .print Engine 6.2 with SSL encryption and
> certificate management.
>
> http://www.thinprint.com
>
> **********************************************************
>
> Useful Thin Client Computing Links are available at:
>
> http://thin.net/links.cfm
>
> ThinWiki community - Excellent SBC Search Capabilities!
>
> http://www.thinwiki.com
>
> ***********************************************************
>
> For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
> the below link:
>
> http://thin.net/citrixlist.cfm
>
>
********************************************************
This Weeks Sponsor: ThinPrint GmbH
Now available: The new version .print Engine 6.2 with SSL encryption
and certificate management.
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Excellent SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
