-
Exploring the XenCenter workspace
-
-
Connecting and Disconnecting Servers
-
Install a TLS certificate on your server
-
-
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Install a TLS certificate on your server
The Citrix Hypervisor server comes installed with a default TLS certificate. However, to use HTTPS to secure communication between Citrix Hypervisor and Citrix Virtual Apps and Desktops, install a certificate provided by a trusted certificate authority.
Note:
This feature is supported only for Citrix Hypervisor 8.2 and later. If your Citrix Hypervisor server is an earlier version, XenCenter does not provide the option to install a new certificate on it.
This article contains information about how to use certificates in XenCenter. For information about working with certificates by using the xe CLI, see Hosts and resource pools.
Requirements
Ensure that your TLS certificate and its private key meet the following requirements:
- The certificate and key pair are an RSA key
- The key matches the certificate
- The key is provided in a separate file to the certificate
- The certificate is provided in a separate file to any intermediate certificates
- The key file must be one of the following types:
.pemor.key - Any certificate files must be one of the following types:
.pem,.cer, or.crt - The key is greater than or equal to 2,048 bits and less than or equal to 4,096 bits in length
- The key is an unencrypted PKCS #8 key and does not have a passkey
- The key and certificate are in base-64 encoded ‘PEM’ format
- The certificate is valid and has not expired
- The signature algorithm is SHA-2 (SHA256)
XenCenter warns you when the certificate and key you choose do not meet these requirements.
Install a certificate
You can use XenCenter to install a certificate that is on the XenCenter system into a Citrix Hypervisor server.
To install a certificate on a Citrix Hypervisor server, you must have the Pool Admin role and the Citrix Hypervisor server must not have HA enabled.
-
Go to the Install Certificates dialog. You can get to this dialog in one of the following ways:
- In the Server menu, select Install Certificates.
- Right-click on the server in the resources pane and choose Install Certificates from the context menu.
- In the General tab of the server, right-click on the Certificates section and choose Install Certificates from the context menu.
- In the Install Certificates dialog, browse to the location of the private key file and select it.
- Browse to the location of the server certificate file and select it.
-
You can choose to add any number of intermediate certificates from the certificate chain.
- Click Add
- Browse to the location of one or more intermediate certificates and select them.
-
Click Install.
XenCenter validates and installs the certificates.
- If there is a problem with a certificate, XenCenter shows an error message. Attempt to correct the problem and click Install again.
- If the certificate is installed successfully, XenCenter shows a success message. You can now click Close to close the dialog.
When the certificate on a Citrix Hypervisor server is changed, the server closes any open connections. XenCenter expects this behavior and reopens the connection with the Citrix Hypervisor server. However, you might have to manually reopen any other connections that were previously open to the server - for example, from another API client or the remote xe CLI.
View certificate information
In the General tab for a Citrix Hypervisor server, a section called Certificates displays the following information for the server:
- The certificate validity period. This text appears red when the certificate is approaching its expiry date.
- The certificate thumbprint
Certificate alerts
When your certificates are nearing their expiry date, XenCenter shows alerts in the Alerts section of the Notifications tab. You can choose to open the Install Certificates dialog from the action menu of these alerts.
For more information about alerts, see XenCenter Alerts.
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.