[THIN] Re: SSL Certs..

• From: "Jeremy Saunders" <Jeremy.Saunders@xxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Tue, 3 Mar 2009 11:14:20 +1100

Hi Harry,

 

Unsure of your config, but you’ve only ever needed one cert for a CSG 
deployment. Patrick Rouse wrote some good articles here:

http://www.msterminalservices.org/articles/Install-Configure-Citrix-Web-Interface-Secure-Gateway-Part1.html

 

Have you got a cert of the WI site for direct Internal access?

 

To host several domains, a wildcard cert won’t work. You would need something 
like...

http://www.geotrustaustralia.com/products/ssl_certificates/true_businessid_mdm.asp

http://www.digicert.com/unified-communications-ssl-tls.htm

 

As for your versions, go with CSG 3.1, WI 5.0.1, and XenApp 5.0 (which is the 
same as 4.5 on 2003) with HRP03. Why deploy outdated versions of the software?

 

Cheers,

Jeremy.

 

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of 
Harry Singh
Sent: Tuesday, March 03, 2009 3:43 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] SSL Certs..

 

Hi all,

I'm running CSG 3.0 and W1 2.1 (I know, very old) on my front-end. I currently 
use 2 separate SSL certs for each and everything works just fine.

citrix.company.com

csg.company.com

I plan on upgrading the Web Interface to 4.6 and CSG to latest version along 
with Presentation(XenApp) to 4.5. I know there is CAG, which i am still a 
little unclear about and  its purpose and Access Essentials, which, again, i 
don't know its full potential.

My concern is will 2 standard certs suffice, or should i consider getting a 
wildcard or UCC ?  I know that answer may depend on my organization's heriarchy 
and setup, so to be clear, we have a single public accesible domain name and 
don't plan on that changing for the next 3 years.

I am considering buying 2 standard certs from Godaddy, which i checked work 
fine for users in the Citrix Forums, but want to make sure i'm furture-proofing 
the purchase of these certs in event i implement any of the aformentioned 
technologies.

This questions comes up because i've been doing a lot of reading on 
Exchange2007 and it's need to have mulitple domain names accessible via SSL, 
hence the UCC reference.

Thanks,

Harry.




#####################################################################################
Confidentiality and Privilege Notice 
This document is intended solely for the named addressee.  The information 
contained in the pages is confidential and contains legally privileged 
information. If you are not the addressee indicated in this message (or 
responsible for delivery of the message to such person), you may not copy or 
deliver this message to anyone, and you should destroy this message and kindly 
notify the sender by reply email. Confidentiality and legal privilege are not 
waived or lost by reason of mistaken delivery to you.
#####################################################################################

• Follow-Ups:
  • [THIN] Re: SSL Certs..
    • From: Harry Singh

• References:
  • [THIN] SSL Certs..
    • From: Harry Singh

Other related posts:

• » [THIN] SSL Certs..- Harry Singh
• » [THIN] Re: SSL Certs.. - Jeremy Saunders
• » [THIN] Re: SSL Certs..- Harry Singh

1. Home
2. thin
3. Archive
4. 03-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---