SSL certification | Citrix Web App and API Protection

SSL certification

June 17, 2021


Contributed by :
To access SSL Certificates :

  1. In the dashboard, select Configuration -> Security -> SSL Certificates on the left navigation bar.
  2. The SSL Certificates page shows all the active SSL Certificates associated with your account.
  3. To add a new SSL certificate, click Add New Certificate.
  4. A prompt windowpane appears allowing you to provide the SSL Certificate data :

    • Private Key – Upload or paste the Private Key information. Currently accepts either 2048 bit or 3072 bit RSA key in the PEM format.
    • Private Key Password (optional) – Provide the password associated with the Private Key
    • Public Certificate Chain – Detect, Upload, or Paste the Public Certificate. If you choose the Detect option, provide the publicly accessible HTTPS URL. Otherwise, upload or paste your public server certificate, followed by all intermediate certificates, in the PEM format.

SSL requirements

The minimum requirements for CWAAP SSL certificates are RSA 2048 bit or 3072 keys. This is a requirement of the FIPS devices .

Upload SSL certificate

To submit your SSL authentication to the portal site, you need the take after data :

  • Private Key
  • Private Key Password
  • Public Certificate Chain

You can upload your Private Key and your populace Certificate Chain. besides, you can besides detect your Public Certificate Chain by providing the URL. You should besides provide the Private Key Password, so the SSL certificate can be used .

Read more:   Bailey Sarian Wiki, Biography, Age, Parents, Ethnicity, Husband, Career, Net Worth & More

SSL certificates and components

There are four different ways to present SSL Certificates and their components :

  1. PEM. Governed by RFCs, it’s used preferentially by open-source software. It can have various extensions (.pem, key, .cer,.cert, more)
  2. PKCS#7 or P7B. An open standard used by Java and supported by Windows. Does not contain private key details.
  3. PKCS#12 or PFX. A Microsoft private standard that was later defined in an RFC that provides an enhanced security versus the plain-text PEM format. The format might contain the private key material. It’s used preferentially by Windows systems, and are freely converted to the PEM format by using openssl.
  4. DER. The parent format of PEM. It’s useful to think of it as a binary version of the base64-encoded PEM file. Not routinely used by much outside of Windows.

Cirix highly recommends you to convert the .pfx files on your own machine using OpenSSL so you can store the private samara .

Use the follow OpenSSL commands to convert the SSL certificate in different formats on your own machine :

  1. Convert DER to PEM: openssl x509 -inform der -in certificate.cer -out certificate.pem
  2. Convert P7B to PEM :: openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
  3. Convert PFX to PEM :: openssl pkcs12 -in certificate.pfx -out certificate.cer –nodes

alternatively, you can use the loose SSL converter available at SSL Shopper .

Read more:   Ozark: 10 Memes That Perfectly Sum Up The Show

Manage existing proxy configuration with SSL

From the Proxy Assets screen click the “ Edit Icon ” following to the horde name field of the shape you want to update. The update shape screen displays. here you can make any changes you want make and click Save to submit the update shape. From this screen, you can besides Delete the shape by selecting the “ Delete ” push button at the circus tent proper of the screen door .
To test your web site using your own knowledge domain list BEFORE DNS propagation has completed, you can use your local anesthetic calculator ’ s HOSTS file. Your calculator uses the entries in your HOSTS file FIRST before it tries to use your IPS to look up the DNS information for your domain. The HOSTS file is a particular charge on your workstation calculator that stores the IP address and name information. You must check the file before DNS, indeed if you place an entry in this file it supersedes anything set in DNS. This feature is utilitarian in testing websites as it allows you to control which IP your local calculator visit careless of the DNS configuration .

Hosts file syntax

The format of the hosts file is simple. Each line has an IP address and a horde name separated by one or more spaces. By default option, hosts files typically contain entries for “ localhost ” and text describing the file usage. It is best not to change the description.

Read more:   National Rifle Association says 'our deepest sympathies' are with families and victims of Uvalde, Texas school massacre

Read more: 35.6 Celsius to Fahrenheit – What is 35.6 °C in °F?



  1. From the Start drop-down list, search for “Notepad” (Win 8, 10) or navigate to: “All Programs -> Accessories -> Notepad” (Win XP, Vista, 7).
  2. Right-click Notepad and select the Run As Administrator option.
  3. In Notepad, click “Open” and select the file option. C:\\Windows\\System32\\Drivers\\etc\\hosts.
  4. Edit the file and click Save.


  1. Open a terminal window.
  2. Edit the file /etc/hosts as root with a text editor. Example: sudo nano /etc/hosts

Testing your settings

  1. Open a command prompt.
  2. Type: ping -c2
  3. The ping results show the IP address and confirm that it is responding.
  4. Open the browser on the local computer where the host settings are available. The browser connects to the website.

When you are finished testing, remember to remove the customs lines that you added to your Hosts file .

source :
Category : Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top