XenApp


How to : Request (or renew) SSL certificate for Webinterface

This is how you request and install (+bind) a SSL certificate for example Citrix Webinterface.

Before you start you must now the external DNS name of your webinterface. In this case I use portal.company.nl
Test to make sure the webserver is responding and the firewall is configured. You notice a SSL warning/error. Something like this :

portal001

(The following screendump is a Firefox warning in Dutch Glimlach)

Now go to your Webinterface server and open IIS manager :

 

portal002

Go to the servername in the left pane, select Server Certificates in the middle pane and…

portal003

..select Create Certificate Request in the right pane.

Fill in the following screens :

 

portal004

Make sure the common name equals the name of your Webserver (Webinterface) on the Internet, for example portal.company.nl (For security reasons I greyed out some of the information in the screendumps)

 

portal005

Make sure you select at least 2048 bits. None of the SSL providers don’t accept anything less.

portal006

Provide a name for the certificate request file. In this file you will find the CSR. You will have to give this to your SSL provider. When you have done that, you can complete your Certificate Request in the same screen, only one option lower :

 

portal007

Unzip the file you received from your SSL provider and select next :

portal008

(Make sure that your friendly name is spelled correctly)

After this step your new certificate is imported :

portal009

Now you have to bind this certificate to the right port :portal011

Go to the default website, select SSL settings and choose in the right pane the option bind. Select port 443 and your newly imported certificate. Now stop/start your (web) services and you are ready to go :

portal010


XenApp 6.5 : Error starting mfcom & IMA services

After installing Roll Up Pack 1 for XenApp 6.5 a customer of mine ran into the problem that the 2 services mentioned wouldn’t start. The mfcom service was hanging in a starting fase and the IMA service reported several errors.

I found many many people on the internet with the same problem and I would like to share with you what the solution was that fixed my problem Smile

Fixing ProductFeature error

I wanted to remove the server from the farm and after a reboot tried to join the domain. After removing from the domain and rebooting, I was unable to join the server because of the following error :

ScreenShot_PF

I also received some errors about licenses etc. I found out that ProductFeature registry key was empty. HKEY\LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Citrix and check out ProductFeauture option. In my case it’s the Advanced feature edition, so I had to use the ADV option. Other options are :

  • STD (Standard Edition)
  • ADV (Advanced Edition)
  • ENT (Enterprise Edition)
  • PLT (Platinum Edition)

After a reboot there were no more licensing problems and I was able to remove/join the server to the domain :

joinDomain

 

Fixing DSN files

I checked the DSN files (C:\program Files (X86)\Citrix\Independent Management\Independent Management Architecture). Check out the contents (with Notepad) of the dsn files.

It should look something like this :

 

ODBC] DRIVER=Microsoft Access Driver (*.mdb)
PageTimeout=5
MaxBufferSize=2048
FIL=MS Access
DriverId=25
DBQ=C:\Program Files (x86)\Citrix\Independent Management Architecture\Imalhc.mdb
WSID=SERVERNAME

 

In my case the WSID entry was missing (make sure you edit it with the name of your server)

After saving the file, execute the following commands :

  • dsmaint recreatelhc
  • dsmaint recreaterade

Reboot the server

Settings security (DSMAINT)

In case the problem still persists, you could try the following command :

  • dsmaint /config user:<user> paswd:<password>

After rebooting I was able to start both services. Both services are using the Network service account


Resetting the Citrix Licensing Console password

Some time ago a customer of my couldn’t login to the Citrix Licensing Console anymore. Reinstalling the software wasn’t the option. The default password (admin/admin) didn’t work either.

This is how I fixed this issue :

  • Open server.xml file in <Program Files>\Citrix\Licensing\LS\conf
  • Look for the text “user firstName”
  • You find the hashed password, change this to your preferred password (clear text)
  • Make sure passwordExpired=true
  • Restart the services
  • Login to the console, you will be asked to change your password.
  • This will be saved encrypted.

XenApp 6.5 : Unable to connect to Citrix logging database 1

Today a customer ran into an issue with Citrix AppCenter. Although he was logged in as an domain administrator, he still was not able to add a published application. I found the following error in the system log :

image

I’ve checked the dcom rights and they were correct. So I used the following solution :

Open dcomcnfg and select the properties of the CitrixLogServer.

rova error db 2

Disable/un-check the first option.

rova error db 3

Now it should be working fine.