• Learning the Basics of Citrix Web Interface 4.6, Citrix Secure Gateway 3.1 and GoDaddy Wildcard SSL Certificate Part 1 of 3

    March 8, 2009

    Secure Gateway, Web Interface

    There are three methods to allow users to access published applications in a XenApp Farm:
    –    Web Clients (now called XenApp Web Plug-in)
    –    PNAgent (now called XenApp Plug-in)
    –    Program Neighborhood
    The most popular are the Web Clients and PNAgent.  Using the Web Interface without any additional hardware or software requires that a Public IP address be available for every XenApp server in the Farm that serves published applications.  To minimize the use of Public IP addresses, ease firewall traversal and provide a secure and encrypted connection between the XenApp servers and client devices, Citrix provides the free Secure Gateway software.  The Secure Gateway authenticates users connecting from the Internet and establishes a secure channel between the client devices and the XenApp servers.
    In this three part series, you will learn:
    –    Part 1
    o    Install Windows prerequisites for Web Interface
    o    Install Web Interface 4.6
    o    Install the Access Management Console Update for Web Interface 4.6
    o    Create and configure a basic XenApp site
    o    Test unsecure access to published applications
    –    Part 2
    o    Generate certificate request
    o    Purchase a Wildcard SSL Certificate from GoDaddy
    o    Complete the certificate request
    o    Export the SSL Certificate’s Private Key for use on additional servers
    o    Test secure access to published application
    –    Part 3
    o    Install and configure Citrix Secure Gateway 3.1
    o    Test secure internal and external access to published applications
    For this article series, a Windows Server 2003 R2 x86 server, with a static IP address,  that is not a domain member will be used.  Citrix Best Practice is for the Secure Gateway server to be placed in a DMZ.  All Windows Updates, with the exception of Microsoft .NET Framework 3.5 Service Pack 1, have been applied.  The Web Interface install files are from the XenApp 5 for Server 2003 CD images.
    Before beginning, you need to fix a bug in the installation files.  The version of the Web Interface that will be installed with XenApp 5 on Server 2003 is not Web Interface 5 but Web Interface 4.6.  The Citrix Clients that will be installed are the Version 11 clients.  Web Interface 4.6 does not know how to use the Version 11 client files.  You need to rename one of the client files to allow Web Interface 4.6 to work properly for this article series.  This has been documented in Citrix Support Article CTX118567.
    In your Component CD install files for XenApp 5 for Server 2003, double-click the Clients folder (Figure 1).

    Figure 1

    Double-click the ica32 folder (Figure 2).

    Figure 2

    You now see the three Version 11 Citrix Client files (Figure 3).

    Figure 3

    The file you need to rename is XenAppWeb.msi.  Right-click XenAppWeb.msi and select Copy (Figure 4).
    Figure 4

    Right-click an empty area just underneath XenAppWeb.msi and select Paste (Figure 5).

    Figure 5

    You will now have a file named Copy of XenAppWeb.msi.  Right-click that file and select Rename (Figure 6).

    Figure 6

    Rename the file to ica32web.msi (Figure 7).

    Figure 7

    You have completed the steps documented in CTX118567.  You are now ready to begin installing the Windows prerequisites for Web Interface 4.6.
    Web Interface 4.6 requires the following Windows components:
    –    Application Server
    –    IIS
    –    ASP.NET
    Installing Web Interface 4.6 form the CD’s Autorun.exe will install .NET Framework 2.0, Visual J# 2.0 and ASP.NET 2.0.
    Click Start, Control Panel, Add or Remove Programs (Figure 8).

    Figure 8

    Click Add/Remove Windows Components (Figure 9).

    Figure 9

    Check Application Server (Figure 10) and then click the Details button.

    Figure 10

    Check ASP.NET and then click OK (Figure 11).

    Figure 11

    Click Next (Figure 12).

    Figure 12

    The necessary Windows Prerequisites are installed.  After the installation is complete, exit Add or Remove Programs and apply any additional Windows updates except for Microsoft .NET Framework 3.5 Service Pack 1.

    NOTE: XenApp was previously known as Presentation Server and before that as MetaFrame.  Citrix renamed Presentation Server to XenApp in February 2008.  This is very confusing but you will still see references to all three product names in various places.  The Citrix web site, MyCitrix.com and tech support articles refer to XenApp.  The installation and most product documentation refer to Presentation Server.  Most of the event log entries still refer to MetaFrame.  The MetaFrame product name has not been used since 2005.  Another point of confusion is the product component name Web Interface.  Web Interface has been the component name since sometime between 2001 and 2003.  The prior component name was nFuse.  You will still see the name nFuse in many Citrix configuration files.

    When Citrix released XenApp 5 for Server 2008 they also rebranded Presentation Server 4.5 with Feature Release 1 as XenApp 5 for Server 2003.  There is NO core difference between XenApp 5 for Server 2003 and Presentation Server 4.5 with Feature Release 1.  Even though you are installing what Citrix calls XenApp 5, ALL the installation screens, prompts and documentation still refer to the product as Presentation Server 4.5.

    From your install files for the XenApp 5 for Server 2003 CD1, double-click the Autorun.exe file (Figure 12).

    Figure 12

    Click Product installations and updates (Figure 13).

    Figure 13

    Click Install Citrix Presentation Server 4.5 and its components (Figure 14).

    Figure 14

    Click I accept the license agreement (Figure 15) AND scroll all the way down to the end of the Citrix License Agreement or click in the License Agreement box and press Ctrl+End.  If you do not scroll to the bottom, you will receive an error.  Click OK on the error.

    Figure 15

    Click Next (Figure 16).

    Figure 16

    Click Next (Figure 17).

    Figure 17

    In Figure 18 you will not install Citrix Presentation Server, Presentation Server Console or Docuemnt Center.

    Figure 18

    Left-click each one and select Entire feature will be unavailable (Figure 19).

    Figure 19

    Click Next (Figure 20).

    Figure 20

    Click Next (Figure 21).

    Figure 21

    Click Next (Figure 22).

    Figure 22

    Click Next (Figure 23).

    Figure 23

    Click Finish (Figure 24).

    Figure 24

    After a few minutes, Figure 25 appears.  Click Next.

    Figure 25

    Click Next (Figure 26).

    Figure 26

    Click Install the Clients from the Components CD-ROM and click Browse (Figure 27).

    Figure 27

    Browse to the Components CD and double-click the Clients folder (Figure 28).

    Figure 28

    Click OK (Figure 29).

    Figure 29

    Click Next (Figure 30).

    Figure 30

    Click Next (Figure 31).

    Figure 31

    Click Finish (Figure 32).

    Figure 32

    Click Finish (Figure 33).

    Figure 33

    Web Interface 4.6 has now been installed.  The Management Console Update needs to be installed before any Web Interface sites are created.  Go to http://www.MyCitrix.com , login to your account and click Downloads (Figure 34).

    Figure 34

    Click the dropdown under Search Downloads by Product and select Citrix XenApp (Figure 35).

    Figure 35

    Scroll down under Components and click on Web Interface 4.6 Access Management Console Extension (Figure 36).

    Figure 36

    Click Download (Figure 37).

    Figure 37

    Click HTTP (Figure 38).

    Figure 38

    Click Click here to start the HTTP download (Figure 39).

    Figure 39

    Save the file to the server’s desktop (Figure 40).

    Figure 40

    Exit the HTTP download dialog and click Back to results (Figure 41).

    Figure 41

    Scroll down under Components and click Secure Gateway 3.1 (Figure 42).

    Figure 42

    Click Download on the English version (Figure 43).

    Figure 43

    Check I have read and certify that I comply with the above Export Control Laws and click Accept (Figure 44).

    Figure 44

    Download the file to the server’s desktop (Figure 45).

    Figure 45

    Exit the Citrix Download Manager when the download completes.
    Exit your Internet browser.
    Double-click the 2392.zip file (Figure 46).

    Figure 46

    Extract the files to C:\AMC4.6.
    Click Start, Run, type in c:\amc4.6\2392\CtxInstall.exe and press Enter (Figure 47).

    Figure 47

    Click Next (Figure 48).

    Figure 48

    Click I accept the license agreement and scroll down to the end of the license agreement and then click Next (Figure 49).

    Figure 49

    Click Next (Figure 50).

    Figure 50

    Click Next (Figure 51)

    Figure 51

    Click Finish (Figure 52).

    Figure 52

    Click Start, All Programs, Citrix, Management Consoles, Access Management Console (Figure 53).

    Figure 53

    Click Next (Figure 54).

    Figure 54

    The Presentation Server components should not be installed on either a Web Interface or Citrix Secure Gateway server.
    Uncheck Presentation Server and click Next (Figure 55).

    Figure 55

    Select Do not contact servers running the configuration service and click Next (Figure 56).

    Figure 56

    Click Next (Figure 57).

    Figure 57

    Click Finish (Figure 58).

    Figure 58

    Click Web Interface and then in the middle column under Common Tasks, click Create Site (Figure 59).

    Figure 59

    Select Access Platform site and click Next (Figure 60).

    Figure 60

    Check Set as the default page for the IIS site (if Web Interface is the only application on the server using IIS) and click Next (Figure 61).

    Figure 61

    Select Local file(s) and click Next (Figure 62).

    Figure 62

    Click Next (Figure 63).

    Figure 63

    Click Next (Figure 64).

    Figure 64

    Leave Configure this site now checked and click Finish (Figure 65).

    Figure 65

    Click Next (Figure 66).

    Figure 66

    Enter your Farm name, add your XenApp servers and click Next (Figure 67).
    Note:  The servers entered here are used to Load Balance the XML Service.  If only one server is entered here and that server goes offline, then the Web Interface site has no server to retrieve the list of published applications from.  The first server in the list is usually the Zone Data Collector, especially if it is dedicated to that role.

    Figure 67

    Click Next (Figure 68).

    Figure 68

    Click Next (Figure 69).

    Figure 69

    Click Finish (Figure 70).

    Figure 70

    Open your Internet browser on type in http://localhost and press Enter.  After a few seconds, the Web Interface site should be displayed (Figure 71).
    If the Web Interface site is not the default IIS site, then type in http://servername/Citrix/AccessPlatform and press Enter.

    Figure 71

    Enter your login information and the Client Detection screen should be displayed (Figure 72).

    Figure 72

    Click Detect Clients and the Download Client Software page is displayed (Figure 73).

    Figure 73

    Click Download and the ica32web.msi client file starts to download (Figure 74).  Click Run.

    Figure 74

    Click Close when the Client Software has completed installing (Figure 75).

    Figure 75

    Click Successful (Figure 76).

    Figure 76

    Your published applications are displayed (Figure 77).

    Figure 77

    You have now verified a successful install and configuration of Web Interface.  Log off the Web Interface, exit your Internet browser and exit the Access Management Console.
    In this first part of a three part series, you learned to:
    –    Install Windows prerequisites for Web Interface
    –    Install Web Interface 4.6
    –    Install the update to Access Management Console  for Web Interface 4.6
    –    Create and configure a basic XenApp site
    –    Test unsecure access to published applications
    In Part 2 you will go through the complete SSL Certificate process.

    , , ,

    About Carl Webster

    Webster is a Sr. Solutions Architect for Choice Solutions, LLC and specializes in Citrix, Active Directory and Technical Documentation. Webster has been working with Citrix products for many years starting with Multi-User OS/2 in 1990.

    View all posts by Carl Webster

    No comments yet.

    Leave a Reply