Background: - I
have installed and configure Citrix Secure Gateway.
After configuring Citrix secure Gateway.
I am able to open Citrix webpage as https://, However when I
access application I am getting below
mention error message.
I have already installed all the required intermediate and
root certificate. However getting the below mention error message.
Issue :-
While requesting for certificate we choose Signature Algorithm as SHA-2
Resolution:-
Checked with Go Daddy, they advise to “Re-Keying an
SSL Certificate”
Re-key to SHA1
Choose SHA-1 for signature hashing algorithm and re-install the certificate after.
Link to Re-Key
Thank you for your post. I investigate this problems 8 hours. Trying all root certificate, intermediate certificate. Script, and many others things without resolving my problem. I stubble on your blog and resolve my problem in 60 secondes. Thank you Nitinv !!!!
ReplyDeleteThanks heaps!
ReplyDeletePer Godaddy, New certificates we issue with expiration dates after Jan. 1, 2017, can only use SHA-2. Other new certificates should use SHA-2, as well. SHA-1 is potentially insecure, which defeats the purpose of an SSL certificate. Cintrix needs to update to support them
ReplyDeleteI successfully installed my new SHA-2 certificate. I had to first update my 2003 server to support SHA-2 through a hotfix, then update my CitrixOnlinePluginWeb to 12.3 (11.2 did not support SHA-2) and make sure all the client PCs connecting had an OS supporting SHA-2. (We did not update this existing Citrix Farm to a newer platform since it will be decommissioned in a year)
ReplyDeleteThanks, that did it for me!
ReplyDelete