Jump to content
Welcome to our new Citrix community!
  • 1

Mutualized STA Servers - Issue "all the configured secure ticket authorities failed to respond to this xml transaction"


Alexis Vanden Berghe

Question

Hi there,

 

We would like to setup 2 "mutualized" STA Servers separate from ours differents Citrix Farms.

 

So we installed the Delivery Controller, Storefront(IIS) and SQL Express on these STA Servers so that they are able to deliver Tickets to others Farms. These servers are linked to an Active Directory Domain specially created for them.

 

As we want to use the port 8080, we change the XML Port using the command line : "BrokerService.exe -wiport 8080".

 

We opened the traffic on our Firewall so that :

 

- STA Servers allowed to join Netscaler SNIP on 8080

- Netscaler SNIP allowed to join STA Servers on 8080

- Citrix Farms allowed to join STA Servers on 8080

 

On the Netscaler -> Citrix Gateway -> Virtual Server, these new STA servers had been binded (using IP ADDRESS) and the light is green.

The STA Auth ID is correctly retrieve (we change it on HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\DesktopServer).

 

Then, on one Citrix Farm (running the latest CVAD Version) for example :

 

- We can correctly go to "http://sta-ipaddress:8080/scripts/ctxsta.dll" (with HTTP 406 error but it seems to be a normal effect as the browser can't read it).

- We setup the STA Servers on the correct Netscaler Gateway using "http://sta-ipaddress:8080/scripts/ctxsta.dll"

 

Then, when we logon through the Netscaler to access the published Desktop, this one can't be opened.

 

On the Delivery Controller Server, the Event Viewer report an error telling that :

"all the configured secure ticket authorities failed to respond to this xml transaction:http://sta-ipaddress:8080/scripts/ctxsta.dll"

 

 

As we don't find why this error appears, can someone help us regarding this ? 

 

 

Thanks a lot !

 

Link to comment

1 answer to this question

Recommended Posts

  • 0

RESOLVED.

 

For anyone who will maybe have this issue.

 

Activate the Citrix Service Broker Logs on STA Server using this command :

 

 

BrokerService.exe –Logfile "C:\Path_That_You_Want\Citrix Broker Service.log"

 

And initiate a connexion that generate events on this log file.

 

In my case, you will find this

 

"

BrokerXmlServices:STA service: output string for 'STA identity' ("STAAUTHID-NAME") contains illegal characters06/08/21 14:31:42.170 2664 0038 6492: BrokerXmlServices:CtxSta.HandleRequest: STA Exception when processing request:
Citrix.Cds.Xms.CtxSta.StaException: STA service: output string for 'STA identity' ("STAAUTHID-NAME") contains illegal characters
at Citrix.Cds.Xms.CtxSta.BaseTransaction.ValidateOutputString(String description, String str, SizeLimit maxSize, String errorId)
at Citrix.Cds.Xms.CtxSta.TicketTransaction.HandleRequest(IXmlMultiplexer multiplexer)
at Citrix.Xms.XmlSupport.XmlPerf.WrapTransaction(Type t, Action transaction)
at Citrix.Cds.Xms.CtxSta.CtxStaServer.HandleRequest(HttpListenerRequest request, WindowsIdentity identity, DateTime startTime)

"

 

As I said in my original post, I changed the STA AUTH ID name using this registry key on the STA Server :

HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\DesktopServer

 

I use this character on the name for the "XmlStaIdentity" : "  -  "

 

As this article says and what I did'nt noticed is that : "The XmlStaIdentity must not exceed 15 characters in length and may only include numbers and uppercase letters."

https://support.citrix.com/article/CTX231451

 

That's why I had this error.

After correcting this, everything is ok.

 

 

Don't forget to disable the Citrix Service Broker Logs using the parameter "-clearlogfile", because this log file will be big very quickly.

 

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...