SSL offload and acceleration

Prerequisites

Before you can use a nCipher nShield Connect with a Citrix ADC, make sure that the following prerequisites are met:

  • A nCipher nShield Connect device is installed in the network, ready to use, and accessible to the Citrix ADC. That is, the NSIP address is added as an authorized client on the HSM.
  • A usable Security World exists. Security World is a unique key management architecture used by the nCipher nShield line of HSMs. It protects and manages keys as application key tokens, enabling unlimited key capacity, and automatic key backup and recovery. For more information about creating a Security World, see the nShield Connect Quick Start Guide from nCipher. You can also find the guide in the CD provided with the nCipher HSM module at CipherTools-linux-dev-xx.xx.xx/document/nShield_Connect_Quick_Start_Guide.pdf. Note: Softcard or token/OCS protected keys are currently not supported on the Citrix ADC.
  • Licenses are available to support the number of clients that are connected to the nCipher HSM. The ADC and remote file server (RFS) are clients of the HSM.
  • An RFS is installed in the network and is accessible to the Citrix ADC.
  • The nCipher nShield Connect device, the RFS, and the Citrix ADC can initiate connections with each other through port 9004.
  • You are using NetScaler release 10.5 build 52.1115.e or later.
  • The Citrix ADC appliance does not contain a FIPS Cavium card. Important: nCipher HSM is not supported on the MPX 9700/10500/12500/15500 FIPS appliances.

Prerequisites