CTX139047
Web Interface
Web Interface 5_4
Technotes
Authentication
2016-04-28
2005-06-06
This article contains resolution to allow users to logon to Web Interface 5.4 when using SSL Relay with SHA-2 (SHA256) Certificates.

Symptoms or Error

When using SSL Relay with SHA-2 (SHA256) Certificates, users cannot logon to Web Interface 5.4.

User-added image

On Web Interface Event Viewer a misleading Event ID 30029 appears:

User-added image

The Certification Authority is on Trusted Root Certification Authority of the Web Interface:

User-added image


Solution

Complete the following steps to resolve this issue:

  • Migrate to StoreFront 2.0 or later.??
    Note: The support for SHA-2??Certificates has been added to StoreFront?? 2.0 Services.

    OR

  • If you do not wish to migrate to StoreFront 2.0 or later, complete the following steps:

    1. Open a case with Citrix Technical Support (you must be entitled to a valid Premiere Support Agreement) and obtain a newer netsslsdk.dll 12.1.0.23539 version. Mention CPR232327 in the Citrix Technical Support case.

    2. Run the following command on elevated privileges:
      iisreset /stop

    3. Move the old netsslsdk.dll file to a safe location (do not rename):
      C:\inetpub\wwwroot\Citrix\$yourwebsitepath$\bin\netsslsdk.dll

    4. Place the new netsslsdk.dll file in the following location:
      C:\inetpub\wwwroot\Citrix\$yourwebsitepath$\bin

    5. Run the following command on elevated privileges:
      iisreset /start


Problem Cause

This is by design. Web Interface 5.4 (and 5.4.2.59, the latest Public version available) does not support SHA-2 (SHA256) Certificates.


Additional Resources


Applicable Products


 

Join the conversation

Citrix Discussions

Open a case

Citrix Support

特别说明


本文来源为Citrix.com所有,翻译后版权归翻译者所有.如需转载请注明出处.

文档版本


.

广告招租


最新留言


.

广告招租


.