Learning the Basics of Citrix Web Interface 4.6, Citrix Secure Gateway 3.1 and GoDaddy Wildcard SSL Certificate Part 1 of 3
There are three methods to allow users to access published applications in a XenApp Farm:
– Web Clients (now called XenApp Web Plug-in)
– PNAgent (now called XenApp Plug-in)
– Program Neighborhood
The most popular are the Web Clients and PNAgent. Using the Web Interface without any additional hardware or software requires that a Public IP address be available for every XenApp server in the Farm that serves published applications. To minimize the use of Public IP addresses, ease firewall traversal and provide a secure and encrypted connection between the XenApp servers and client devices, Citrix provides the free Secure Gateway software. The Secure Gateway authenticates users connecting from the Internet and establishes a secure channel between the client devices and the XenApp servers.
In this three part series, you will learn:
– Part 1
o Install Windows prerequisites for Web Interface
o Install Web Interface 4.6
o Install the Access Management Console Update for Web Interface 4.6
o Create and configure a basic XenApp site
o Test unsecure access to published applications
– Part 2
o Generate certificate request
o Purchase a Wildcard SSL Certificate from GoDaddy
o Complete the certificate request
o Export the SSL Certificate’s Private Key for use on additional servers
o Test secure access to published application
– Part 3
o Install and configure Citrix Secure Gateway 3.1
o Test secure internal and external access to published applications
For this article series, a Windows Server 2003 R2 x86 server, with a static IP address, that is not a domain member will be used. Citrix Best Practice is for the Secure Gateway server to be placed in a DMZ. All Windows Updates, with the exception of Microsoft .NET Framework 3.5 Service Pack 1, have been applied. The Web Interface install files are from the XenApp 5 for Server 2003 CD images.
Before beginning, you need to fix a bug in the installation files. The version of the Web Interface that will be installed with XenApp 5 on Server 2003 is not Web Interface 5 but Web Interface 4.6. The Citrix Clients that will be installed are the Version 11 clients. Web Interface 4.6 does not know how to use the Version 11 client files. You need to rename one of the client files to allow Web Interface 4.6 to work properly for this article series. This has been documented in Citrix Support Article CTX118567.
In your Component CD install files for XenApp 5 for Server 2003, double-click the Clients folder (Figure 1).
Double-click the ica32 folder (Figure 2).
You now see the three Version 11 Citrix Client files (Figure 3).
Right-click an empty area just underneath XenAppWeb.msi and select Paste (Figure 5).
You will now have a file named Copy of XenAppWeb.msi. Right-click that file and select Rename (Figure 6).
Rename the file to ica32web.msi (Figure 7).
You have completed the steps documented in CTX118567. You are now ready to begin installing the Windows prerequisites for Web Interface 4.6.
Web Interface 4.6 requires the following Windows components:
– Application Server
Installing Web Interface 4.6 form the CD’s Autorun.exe will install .NET Framework 2.0, Visual J# 2.0 and ASP.NET 2.0.
Click Start, Control Panel, Add or Remove Programs (Figure 8).
Click Add/Remove Windows Components (Figure 9).
Check Application Server (Figure 10) and then click the Details button.
Check ASP.NET and then click OK (Figure 11).
Click Next (Figure 12).
The necessary Windows Prerequisites are installed. After the installation is complete, exit Add or Remove Programs and apply any additional Windows updates except for Microsoft .NET Framework 3.5 Service Pack 1.
NOTE: XenApp was previously known as Presentation Server and before that as MetaFrame. Citrix renamed Presentation Server to XenApp in February 2008. This is very confusing but you will still see references to all three product names in various places. The Citrix web site, MyCitrix.com and tech support articles refer to XenApp. The installation and most product documentation refer to Presentation Server. Most of the event log entries still refer to MetaFrame. The MetaFrame product name has not been used since 2005. Another point of confusion is the product component name Web Interface. Web Interface has been the component name since sometime between 2001 and 2003. The prior component name was nFuse. You will still see the name nFuse in many Citrix configuration files.
When Citrix released XenApp 5 for Server 2008 they also rebranded Presentation Server 4.5 with Feature Release 1 as XenApp 5 for Server 2003. There is NO core difference between XenApp 5 for Server 2003 and Presentation Server 4.5 with Feature Release 1. Even though you are installing what Citrix calls XenApp 5, ALL the installation screens, prompts and documentation still refer to the product as Presentation Server 4.5.
From your install files for the XenApp 5 for Server 2003 CD1, double-click the Autorun.exe file (Figure 12).
Click Product installations and updates (Figure 13).
Click Install Citrix Presentation Server 4.5 and its components (Figure 14).
Click I accept the license agreement (Figure 15) AND scroll all the way down to the end of the Citrix License Agreement or click in the License Agreement box and press Ctrl+End. If you do not scroll to the bottom, you will receive an error. Click OK on the error.
Click Next (Figure 16).
Click Next (Figure 17).
In Figure 18 you will not install Citrix Presentation Server, Presentation Server Console or Docuemnt Center.
Left-click each one and select Entire feature will be unavailable (Figure 19).
Click Next (Figure 20).
Click Next (Figure 21).
Click Next (Figure 22).
Click Next (Figure 23).
Click Finish (Figure 24).
After a few minutes, Figure 25 appears. Click Next.
Click Next (Figure 26).
Click Install the Clients from the Components CD-ROM and click Browse (Figure 27).
Browse to the Components CD and double-click the Clients folder (Figure 28).
Click OK (Figure 29).
Click Next (Figure 30).
Click Next (Figure 31).
Click Finish (Figure 32).
Click Finish (Figure 33).
Web Interface 4.6 has now been installed. The Management Console Update needs to be installed before any Web Interface sites are created. Go to http://www.MyCitrix.com , login to your account and click Downloads (Figure 34).
Click the dropdown under Search Downloads by Product and select Citrix XenApp (Figure 35).
Scroll down under Components and click on Web Interface 4.6 Access Management Console Extension (Figure 36).
Click Download (Figure 37).
Click HTTP (Figure 38).
Click Click here to start the HTTP download (Figure 39).
Save the file to the server’s desktop (Figure 40).
Exit the HTTP download dialog and click Back to results (Figure 41).
Scroll down under Components and click Secure Gateway 3.1 (Figure 42).
Click Download on the English version (Figure 43).
Check I have read and certify that I comply with the above Export Control Laws and click Accept (Figure 44).
Download the file to the server’s desktop (Figure 45).
Exit the Citrix Download Manager when the download completes.
Exit your Internet browser.
Double-click the 2392.zip file (Figure 46).
Extract the files to C:\AMC4.6.
Click Start, Run, type in c:\amc4.6\2392\CtxInstall.exe and press Enter (Figure 47).
Click Next (Figure 48).
Click I accept the license agreement and scroll down to the end of the license agreement and then click Next (Figure 49).
Click Next (Figure 50).
Click Next (Figure 51)
Click Finish (Figure 52).
Click Start, All Programs, Citrix, Management Consoles, Access Management Console (Figure 53).
Click Next (Figure 54).
The Presentation Server components should not be installed on either a Web Interface or Citrix Secure Gateway server.
Uncheck Presentation Server and click Next (Figure 55).
Select Do not contact servers running the configuration service and click Next (Figure 56).
Click Next (Figure 57).
Click Finish (Figure 58).
Click Web Interface and then in the middle column under Common Tasks, click Create Site (Figure 59).
Select Access Platform site and click Next (Figure 60).
Check Set as the default page for the IIS site (if Web Interface is the only application on the server using IIS) and click Next (Figure 61).
Select Local file(s) and click Next (Figure 62).
Click Next (Figure 63).
Click Next (Figure 64).
Leave Configure this site now checked and click Finish (Figure 65).
Click Next (Figure 66).
Enter your Farm name, add your XenApp servers and click Next (Figure 67).
Note: The servers entered here are used to Load Balance the XML Service. If only one server is entered here and that server goes offline, then the Web Interface site has no server to retrieve the list of published applications from. The first server in the list is usually the Zone Data Collector, especially if it is dedicated to that role.
Click Next (Figure 68).
Click Next (Figure 69).
Click Finish (Figure 70).
Open your Internet browser on type in http://localhost and press Enter. After a few seconds, the Web Interface site should be displayed (Figure 71).
If the Web Interface site is not the default IIS site, then type in http://servername/Citrix/AccessPlatform and press Enter.
Enter your login information and the Client Detection screen should be displayed (Figure 72).
Click Detect Clients and the Download Client Software page is displayed (Figure 73).
Click Download and the ica32web.msi client file starts to download (Figure 74). Click Run.
Click Close when the Client Software has completed installing (Figure 75).
Click Successful (Figure 76).
Your published applications are displayed (Figure 77).
You have now verified a successful install and configuration of Web Interface. Log off the Web Interface, exit your Internet browser and exit the Access Management Console.
In this first part of a three part series, you learned to:
– Install Windows prerequisites for Web Interface
– Install Web Interface 4.6
– Install the update to Access Management Console for Web Interface 4.6
– Create and configure a basic XenApp site
– Test unsecure access to published applications
In Part 2 you will go through the complete SSL Certificate process.