Citrix NetScaler - How to generate a CSR and Install Signed Certificate
Enable SSL Offload
1. Navigate to System –> Settings and click Configure Basic Features
2. Select SSL Offloading and click OK
Create the RSA Key
1. Navigate to Traffic Management –> SSL –> SSL Files
2. Click Create RSA Key
3. Enter in the following details (Only the fields marked * are required, but I recommend filling in more details) and click Create
- A file name, you will need this later, so make note
- A key size (2048 is OK – The higher the number, the longer it will take to generate)
- The PEM format and PEM encoding algorithm
- The passphrase
Create the Certificate Signing Request (CSR)
1. Click CSRs in the menu (It’s located here: Traffic Management –> SSL –> SSL Files)
2. Click Create Certificate Signing Request (CSR)
3. Enter in the following details:
- Request file name
- Key file name (Created in the previous step)
- Format
- Passphrase for the key
- The Digest Method
- The other required files
And click Create
Provide the CSR to the Certificate Authority (CA)
I’m using StartSSL in the example below.
1. Select the CSR and click Download
2. Open the Certificate in a text editor and copy the text
3. Paste the text into the CSR request form
4. Download your certificate
Install the certificate
1. In the top menu, click Certificate
2. Click Upload
3. Browse for the file that you downloaded (You can use the Apache files) and click OK
4. Navigate to Traffic Management –> SSL –> SSL Certificate –> Server Certificates
5. Click Install
6. Enter in a name for the Certificate-Key Pair, choose the certificate file (you just uploaded), the Key File and enter the password for the Key file
7. Click Install