[THIN] client certs and PS4/WI/CSG
- From: "Adam Granatela" <agranatella@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 14 Sep 2007 16:27:03 -0500
I have a doozy. Please don't ask why I have this configuration set up the
way it is. The only answers are going to give you headaches. Trust me on
this.
I have what we're creating as almost a turnkey solution. One AD domain
controller, one Citrix/WI/CSG box. Right now I have everything working with
those components. Firewall has 443 opened up to the box, can hit the
https://us.company.com, log in, get an app, run an app just fine. That part
of it works after a few bumps, but it works well.
Now they want to add in client certificates. We'll be issuing each
workstation a certificate, and the goal is that they must have the
certificate in order to open the site.
Before CSG in place we had this working. SSL cert was in IIS, "require
client certs" was checked in IIS, and 1494/2598 was open to the internet.
Users would hit the web page https://us.company.com, it would prompt them to
select their client cert, and then pass them onto the logon page and apps
would load.
Due to the added bonus of wanting everything over SSL, we added CSG. Now of
course the default IIS page is not SSL because CSG is handling it.
So the roundabout way to getting to where I'm going...with this
configuration, how do we now allow/require client certs in this
environment? Thanks much.
Adam Granatella
Red Anvil, LLC
Other related posts:
