Stéphane Thirion
  • Home
  • Consulting – Raidho
  • homelab
3K
0
0
0
Stéphane Thirion
Stéphane Thirion
  • Home
  • Consulting – Raidho
  • homelab
  • Citrix
  • Microsoft
  • PowerShell
  • Security
  • XenApp
  • XenDesktop

Enable SSL on XenDesktop 7.x XML Service

  • December 18, 2017
  • Stephane Thirion
Total
1
Shares
0
0
1
0
0
0
0

It is still not very easy for a new comer or a Citrix administator to complete this task when it is requested by architect / engineers… Most of the time everyone will end up with this CTX article :  and I still don’t understand why no one made a simple GUI to make this more easy to configure…

The script you’ll find bellow automate the following :

  1. Fetching the Certificate Hash Number (Thumbprint) and formatting it
  2. Fetching the Citrix Broker Service GUID and formatting it
  3. Fetching the IP address of the Delivery Controller, adding SSL port to it (:443)
  4. Run the netsh command to map the certificate to the Citrix Broker Service
  5. Show the certificate binding to make sure everything is ok.

Before beginning you need a certificate in PFX format, most likely your certificate will be for the delivery controller and will be like DeliveryControllerName.fqdn . The script is targeting a certificate that contains the hostname in the subject. You can be more specific and give the full details of the certificate subject to target the right certificate if you have several certificates installed already.

SSLXml   
# This script can be executed when the machine certificate have been installed.
# The certificate thumbprint will be find idf the hostname is in the subject. This need to be change if your certificate binding is for a DNS alias for ex.
# 14 dec 2017 - STH
 
# Fetching registry key to get the Citrix Broker Service GUID
New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT
$CBS_Guid = Get-ChildItem HKCR:InstallerProducts -Recurse -Ea 0 | Where-Object { $key = $_; $_.GetValueNames() | ForEach-Object { $key.GetValue($_) } | Where-Object { $_ -like '*Citrix Broker Service*' } } | Select-Object Name
$CBS_Guid.Name -match "[A-Z0-9]*$"
$GUID = $Matches[0]
 
# Formating the string to look like a GUID with dash ( - )
[GUID]$GUIDf = "$GUID"
Write-Host -Object "Citrix Broker Service GUID for $HostName is: $GUIDf" -foregroundcolor "yellow";
# Closing PSDrive
Remove-PSDrive -Name HKCR
 
# Getting local IP address and adding :443 port
$ipV4 = Test-Connection -ComputerName (hostname) -Count 1  | Select -ExpandProperty IPV4Address 
$ipV4ssl = "$ipV4 :443" -replace " ", ""
Write-Host -Object "The IP Address for $HostName is: $ipV4ssl" -foregroundcolor "green";
 
# Getting the certificate thumbprint
# certificate is chosen when hostname is found in the subject, you can change {$_.Subject -match "$HostName"} to help to match the right certificate
$HostName = $env:computername
$Thumbprint = (Get-ChildItem -Path Cert:LocalMachineMy | Where-Object {$_.Subject -match "$HostName"}).Thumbprint -join ';';
Write-Host -Object "Certificate Thumbprint for $HostName is: $Thumbprint" -foregroundcolor "magenta"; 
 
# Preparing to execute the netsh command inside powershell
$SSLxml = "http add sslcert ipport=$ipV4ssl certhash=$Thumbprint appid={$GUIDf}"
$SSLxml | netsh
 
# Verifying the certificate binding on the Citrix XML
netsh http show sslcert

Next step will be to build a GUI based on this script, I have to find time (and skills) to do so 🙂

Thank you to Eric Laugier for some tip during my research

Total
1
Shares
Tweet 0
Share 0
Share 1
Share 0
Share 0
Share 0
Share 0
Related Topics
  • Certificate
  • Citrix
  • SSL
  • XenApp
  • XenDesktop
  • XML
Stephane Thirion

Previous Article
  • Citrix
  • CTP
  • Events
  • Geek Speak

FCUGC – 4eme edition !

  • November 7, 2017
  • Stephane Thirion
View Post
Next Article
  • ArchY.net Site
  • Citrix
  • CTP

2018 CTP

  • February 1, 2018
  • Stephane Thirion
View Post
You May Also Like
View Post
  • Citrix
  • CTP
  • Uncategorized

This is the end of an era

  • Stephane Thirion
  • February 16, 2022
View Post
  • VMware
  • vSphere
  • Windows 2022

Migrating FSMO roles Windows 2022 Server

  • Stephane Thirion
  • January 3, 2022
View Post
  • ADC
  • Experience
  • Linux

Cloud yes but no, thanks (there is some Citrix)

  • Stephane Thirion
  • December 7, 2021
View Post
  • Azure
  • Azure
  • PowerShell
  • Scripting
  • Security

Export all Admin Roles and members from Azure AD

  • Rodolphe Herpeux
  • March 25, 2021
View Post
  • RDS
  • Security
  • Windows 2016

RDS access to applications with second authentication factor by smartcard

  • Rodolphe Herpeux
  • January 7, 2021
View Post
  • Windows 2016
  • Windows 2019

Migration farm ADFS operating system Windows server 2016 to Windows server 2019

  • Rodolphe Herpeux
  • January 6, 2021
View Post
  • Windows 2016

Migrate ADFS configuration Database from WID to MS-SQL

  • Rodolphe Herpeux
  • January 5, 2021
View Post
  • ArchY.net Site
  • Azure
  • Citrix
  • Cloud
  • Experience
  • Microsoft
  • News
  • Office365
  • Raidho
  • VMware

Mettre en place une solution de travail à distance (RemoteOffice / Remoteworking) 2/2

  • Stephane Thirion
  • March 24, 2020
vmware
Coinbase – Affiliated link
Blog Stats
  • 1,237,010 hits
Categories
  • Amazon (1)
  • Apple (20)
    • iOS (5)
    • Mac OSx (11)
  • ArchY.net Site (30)
  • Azure (8)
  • Certifications (3)
  • Citrix (207)
    • ADC (1)
    • Citrix Virtual Apps and Desktops (3)
    • NetScaler (12)
    • Password Manager (3)
    • Personal vDisk (5)
    • Power and Capacity Management (3)
    • Provisioning Services (22)
    • Receiver (29)
    • ShareFile (8)
    • Single Sign On (3)
    • SmartAuditor (2)
    • Storefront (12)
    • Synergy (25)
    • User Profile Management (2)
    • VDI (7)
    • WebInterface (21)
    • XenApp (84)
    • XenApp Plugin (3)
    • XenClient (10)
    • XenDesktop (55)
    • XenServer (42)
  • Cloud (12)
  • Crystal Ball (2)
  • CTP (13)
  • Docker (2)
  • Events (35)
    • E2E – PubForum (9)
    • Geek Speak (3)
  • Experience (53)
  • Kubernetes (2)
  • Licensing (3)
  • Linux (12)
  • Microsoft (145)
    • Azure (8)
    • Office365 (4)
    • PowerShell (18)
    • RDS (5)
    • Windows 10 (6)
    • Windows 2003 (21)
    • Windows 2008 (20)
    • Windows 2008 R2 (54)
    • Windows 2012 (13)
    • Windows 2012R2 (13)
    • Windows 2016 (18)
    • Windows 2019 (4)
    • Windows 2022 (1)
    • Windows 7 (27)
    • Windows 8 (19)
    • Windows Virtual Desktop (1)
    • Windows XP (11)
  • News (5)
  • Raidho (2)
  • Raspberry (3)
  • Scripting (13)
  • Security (4)
  • Slide Deck (1)
  • Thin Clients (3)
  • Twitter (1)
  • Ubiquiti (1)
  • Uncategorized (12)
  • VMware (27)
    • VMWare WorkStation (2)
    • vSphere (15)
Stéphane Thirion
Don't Follow the Trend

Input your search keywords and press Enter.