[THIN] Nfuse 1.7 and SSL (https://) trouble (no SSL relay or CSG required)
- From: "Andy Hancock" <andypandy00@xxxxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 08 Nov 2002 17:19:31 +0000
I've been working with Citrix NFuse 1.6 and https:// (SSL) connections to
our web server with no problems. But I suspect that something has changed in
NFuse 1.7 that I'm missing.
Server Configuration
Windows 2000 Server SP3
Citrix MetaFrame XPe Service Pack 2 (no feature releases)
Single server in "farm".
Citrix NFuse 1.7
Internet Information Server 5.0
All security hotfixes issued by Microsoft
Root CA on certificate is our own organisation installed in browsers.
Server Certificate issued and configured for IIs 5.0.
IIs & NFuse installed on the same server sharing port 80.
SSL port 443.
SSL connections only work okay to the Web Server, and we can run
web server via https://.
NFuseAdmin runs okay via SSL.
No need for SSL Relay or CSG as ALL is on the same single server.
Citrix NFuse works correctly on this server with no https:// (SSL).
the Citrix NFuse login page is displayed via https:// (SSL) correctly, and
the padlock is displayed on the browsers.
NFuse.conf has the following statements:-
SessionField.NFuse_Transport=HTTPS
When trying to login, there is a long pause on the following error message
is displayed:-
ERROR: The MetaFrame server farm cannot process your request at this time.
An error occurred while attempting to connect to the MetaFrame server farm.
Please make sure that the Citrix XML Service is running on the Metaframe
server farm and listening on a valid port. If the Citrix XML service is
configured to share ports with the Internet Information Service (IIS),
please make sure that the IIS WWW service is running.
or
ERROR: 403 Error Access Forbidden
Just out of curiosity I setup SSL Relay, port 442 and it was kind og working
although was complaining about a connection to server:80
now I get the following:-
Citrix SSL Relay
Version 1.01
Copyright (c)1999-2002 Citrix Systems, Inc. All rights reserved.
********************************************
08/11/2002 13:59:51: Negotiating with Service Control Manager, please
wait......
.
08/11/2002 13:59:51: Using SSL provider S-Channel : CLIENT_SERVER (Build
1360)
08/11/2002 13:59:51: Waiting for incoming connections.
08/11/2002 14:00:21: Failed to accept incoming connection. Alert: Bad
record MA
C SSLRelaySocket.cpp: 775
08/11/2002 14:00:21: Failed to accept incoming connection.
SSLRelaySocket.cpp:
103
08/11/2002 14:00:21: Failed to accept incoming SSL connection.
RelayConnection.
cpp: 112
08/11/2002 14:00:21: Failed to setup client connection.
RelayConnection.cpp: 49
08/11/2002 14:00:21: Failed to close client socket connection.
RelayConnection.
cpp: 130
Any ideas?
What am I missing!?
AJ
_________________________________________________________________
Add photos to your messages with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
Other related posts:
