This is how you request and install (+bind) a SSL certificate for example Citrix Webinterface.
Before you start you must now the external DNS name of your webinterface. In this case I use portal.company.nl
Test to make sure the webserver is responding and the firewall is configured. You notice a SSL warning/error. Something like this :
(The following screendump is a Firefox warning in Dutch )
Now go to your Webinterface server and open IIS manager :
Go to the servername in the left pane, select Server Certificates in the middle pane and…
..select Create Certificate Request in the right pane.
Fill in the following screens :
Make sure the common name equals the name of your Webserver (Webinterface) on the Internet, for example portal.company.nl (For security reasons I greyed out some of the information in the screendumps)
Make sure you select at least 2048 bits. None of the SSL providers don’t accept anything less.
Provide a name for the certificate request file. In this file you will find the CSR. You will have to give this to your SSL provider. When you have done that, you can complete your Certificate Request in the same screen, only one option lower :
Unzip the file you received from your SSL provider and select next :
(Make sure that your friendly name is spelled correctly)
After this step your new certificate is imported :
Go to the default website, select SSL settings and choose in the right pane the option bind. Select port 443 and your newly imported certificate. Now stop/start your (web) services and you are ready to go :
When you are running Citrix Provisioning Services you might run into this problem after this weekend :
“The clocks on the client and server machines are skewed”
As a result Group Policy Objects are not applied.
This problem appear when daylight savings time goes into effect.
Citrix wrote a kb article about it : http://support.citrix.com/article/CTX123336
I also found an excellent PDF concerning this problem on the internet, link : http://www.neton.ag/wp-content/uploads/2009/02/fixing-the-daylight-saving-time-issue-in-citrix-provisioning-server-environments-v1-1.pdf
The timezone information is maintained in the Windows Registry located at : HKLM\System\CurrentControlSet\Control\TimeZoneInformation
In the following screenshot you see the value ffffffc4 which means wintertime is being used. ffffff88 stands for Daylight Saving Time.
There are multiple solutions, the workaround Citrix mentioned and the workarounds mentioned in the PDF-document. The first is booting the vDisk in Private Mode, the second is to create a script to change vDisks automatically.
More information on srvany.exe & intsrv.exe : http://support.microsoft.com/kb/137890
Thread on Citrix forum : http://forums.citrix.com/message.jspa?messageID=1414630
Microsoft kb article about GPO’s not being applied : http://support.microsoft.com/kb/886516
I got this link from @Easi123 (search for daylight) : http://support.citrix.com/servlet/KbServlet/download/25649-102-649146/Provisioning%20Services%205%206%20Best%20Practices%20External%201.2.pdf
Note : I remembered reading something about this issue from (a tweet or blogpost) Ingmar Verheij but I can’t see the link or tweet anymore. You can find his blog on http://www.ingmarverheij.com/