Product Documentation

Validating the Server Certificate During an SSL Handshake

The NetScaler Gateway appliance can now be configured to validate the server certificate provided by the back-end server during an SSL handshake.

To configure NetScaler Gateway global parameters to support PAC for outbound proxy by using the configuration utility

Bind the CA certificate

  1. Navigate to ConfigurationNetScaler Gateway > NetScaler Gateway Policy Manager > Certificate Bindings.**
  2. On the Certificate Bindings screen, click the + icon.
  3. On the CA Certificate(s) Binding screen, click Add Binding and click Install.
  4. Select the certificate file name in the Certificate File Name field and click Install.
  5. On the CA Certificate(s) Binding screen, select the certificate and click Bind.
  6. Click Done.

Enabling the certificate validation:

  1. Navigate to NetScaler Gateway> Global settings.
  2. Click Change Global Settings.**
  3. Select Enabled from the Backend Server Certificate Validation drop-down menu and click OK.

To configure NetScaler Gateway global parameters to support server certificate with the command line

At the command prompt, type the following commands:

    bind vpn global cacert DNPGCA1

    set vpn parameter backendcertValidation ENABLED

Validating the Server Certificate During an SSL Handshake

In this article