Jump to content
Welcome to our new Citrix community!

Install new SSL and bind to gateway with command line?


Jason Fortun

Recommended Posts

I am in a situation where I am unable to access to management GUI for a VPX access gateway (running on an SDX). Unfortunately I have a SSL cert bound to the access gateway on the VPX that is about  to expire and I need to update it.  I have access to the command console.  Is there any guide to installing and binding ssl certs from a command line? VPX is 12.1

 

In the meantime I am trying to fix the management gui issue (restarts from neither the SDX or xenserver console have helped) but given the time crunch (I have 10 days to sort this out) I wanted to try to use the command line as well.

Link to comment
Share on other sites

22 minutes ago, Carl Stalhood1709151912 said:

Normally if I were using the gui, I would first import the PFX, then link the newly imported cert to the intermediate cert, the go do the gateway config and change the binding to the newly imported cert.  Does the "update ssl certkey"  command perform all of those functions?

Link to comment
Share on other sites

47 minutes ago, Carl Stalhood1709151912 said:

Yes. But it doesn't actually convert the PFX to PEM but rather it uses the PFX in native format.

 

If you prefer to convert to PEM, then you'll have to use openssl commands, which is what the GUI does.

 

Thanks.  I was able to update my cert with no issues. You're a life saver!

now to solve my mgmt gui issue..

Link to comment
Share on other sites

  • 11 months later...
On 11/30/2020 at 9:26 AM, Carl Stalhood1709151912 said:

Yes. But it doesn't actually convert the PFX to PEM but rather it uses the PFX in native format.

 

If you prefer to convert to PEM, then you'll have to use openssl commands, which is what the GUI does.

 

so I'm repeating the same process this year to use the same command (with -inform) to update the cert with a new PFX file and am getting the error "invalid certificate" I was able to import the new key and export with no issues from the windows server.. What are the common causes of that error? Thanks again for any help.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...