Gateway

Configuring Server Name Indication Extension

A Citrix Gateway appliance can now be configured to include a server name indication (SNI) extension in the SSL “client hello” packet sent to the back end server. The SNI extension helps the back end server identify the FQDN being requested during the SSL handshake and respond with the respective certificates.

Note

Enable SNI support when multiple SSL domains are hosted on the same server.

To configure Citrix Gateway to support SNI using GUI:

  1. In the NetScaler GUI, navigate to Configuration> Citrix NetScaler> Global Settings.

  2. Click the Change Global Settings link and from the Backend Server SNI menu, select Enabled.

To configure Citrix Gateway to support SNI using the command line interface, at the command prompt, type:

set vpn parameter backendServerSni <ENABLED><DISABLED>
<!--NeedCopy-->
Configuring Server Name Indication Extension