Embedded Files
Right-click Start -> click Run -> type MMC and then press Enter.
Click on File -> Add/Remove Snap-in.
Under Available snap-ins, click Certificates and click Add
Select Computer account, click Next, and click Finish.
Click OK on the Add or Remove Snap-ins dialog box.
Expand Certificates and click Personal.
Right-click Personal, select All Tasks, and click Request New Certificate.
On the Certificate Enrollment Before you Begin window click Next.
On the Certificate Enrollment Select Certificate Enrollment Policy click Next.
On the Request Certificates window select Computer, click Details on the right, and click Properties.
Click OK, click Enroll, and click Finish.
On the left pane expand Personal and click Certificates.
Double-click the newly created certificate issued to nameofdeliverycontroler.workspacelab.com, click the Details tab and scroll down and select the Thumbprint field.
Highlight the Value details, copy the contents using the keyboard shortcut CTRL + C and paste into Notepad using the keyboard shortcut CTRL + V. The Value detail content will be used when binding the certificate to the XML service.
In Notepad click Edit -> Replace.
In the Find what field, left click inside the field and hit the space bar key on your keyboard one time.
In the Replace with field, leave it blank.
Click Replace All to replace all spaces with no character.
Minimize Notepad.
Click OK to close the Certificate properties dialog box
Click Start, type Regedit and press Enter.
Click the HKEY_CLASSES_ROOT\Installer\Products\ key and press CTRL+F. In the Find what field, enter Citrix Broker Service and click Find Next.
Right-click the key that contains Citrix Broker Service and click Rename. Copy the alphanumeric string.
Open Notepad and paste the copied alphanumeric string.
Add dashes after the 8th, 12th, 16th, and 20th characters so that the string is in the format: B8ED5B4C-CD8E-AE44-7A45-282DBF5E86CD
Note: B8ED5B4C-CD8E-AE44-7A45-282DBF5E86CD is just an example string and the actual string will be different in each environment.
In Notepad, copy the following command, replacing the values indicated with the certificate hash and the Citrix Broker Service GUID, which were obtained in Steps 17 and 27, respectively:
Note: Make sure the appid= field contains {} in between.
Example: netsh http add sslcert ipport=0.0.0.0:443 certhash=dfad4f447c0e401e82ff46d8092260e3ad8c6d30 appid={65763A9A-C9AA-AFE4-7A7D-CE4A8C3FCCE2}
Make sure to have a blank Notepad open containing only the command from Step 28.
Click File -> Save. Expand This PC, click Documents, and type SecureSSL.txt as the File name.
Click the Encoding drop-down list and select UTF-8. Click Save.
Right-click Start and click Command Prompt (Admin).
Copy the command from Notepad and paste it in the Administrator: command prompt window.
Delete any special characters that appear in the pasted command and press Enter.
The command should return a message indicating that the SSL Certificate successfully added.
Note: The certificate has been successfully bound to port 443 on the Delivery Controller. In a future exercise, we will make sure to enable secure XML traffic by configuring StoreFront to use https.
Now that Delivery Controler has the XML service configured on HTTPS, you have been tasked to disable the non-SSL listener, so that the non-SSL port cannot be used; the XML Service will ignore HTTP traffic on the default port.
Click Start, type Regedit, and press Enter.
Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\DesktopServer\
Right-click DesktopServer and select New > DWORD (32-bit) Value.
• Name: XmlServicesEnableNonSsl
• Value Data: 0
Reboot Delivery Controler
Google Sites
Report abuse