Jump to content
Welcome to our new Citrix community!

End to end encryption with Netscaler, Session not starting

Recommended Posts

Hi Guys,


in the LAB, i want to test end to end encryption with Netscaler. Connection to the VDA over Netscaler Secure Gateway works fine before applying any changes.


I followed this guide: https://support.citrix.com/article/CTX220062 and enabled SSL on the VDA with:


.\Enable-VdaSSL.ps1 -enable -SSLPort 443 -SSLMinVersion "TLS_1.2" -SSLCipherSuite "COM" -CertificateThumbPrint XXXXXXXXXXX


The connection to the VDA works via Storefront as expected.


But not over the Netscaler, i got the following error message:


The CA Certificate is present in the CA Certificate section in the Netscaler.


The ns.log shows the following message:


Jun 24 20:46:15 <local0.info> 06/24/2019:18:46:15 GMT netscaler-adc 0-PPE-0 : default SSLVPN ICASTART 10409 0 :  Source - Destination - SSLRelayAddress - customername  - username:domainname tklein:dom.local - applicationName XA1 $S1-2 - startTime "06/24/2019:18:46:15 GMT" - connectionId 4c9d01 is the IP of the VDA, but i'm confused because of the SSLRelayAdress Port 2598 - as far as i know, is 2598 not used any more in this constellation.

In the VDA's Event Log i could also find the following events:




What might be the problem in this case?


Many thanks & best regards


Link to comment
Share on other sites

  • 4 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...