How to Change the Server Base URL from HTTP to HTTPS on Citrix StoreFront

  • CTX135050
  • Created onMar 26, 2014
  • Updated onApr 21, 2014
Article Topic Other


This article describes how to change the host base URL of Citrix StoreFront server from HTTP to HTTPS. The host base URL option is available when configuring Single Server deployment or Server Group deployment on Citrix StoreFront. It can only be entered once and cannot be changed from StoreFront console.


User-added image

Before changing the URL to HTTPS:

User-added image

After changing the URL to HTTPS:

User-added image


This workaround applies to customers who have installed and configured Citrix StoreFront without a server certificate. When the server certificate is installed, there is a procedure to follow to ensure StoreFront and its services use a secure connection moving forward.

Note: It is assumed that the IT Administrator has generated and installed a server certificate on Citrix StoreFront server before running this procedure. In addition, an IIS binding is created over HTTPS (443). Therefore, any new connection to IIS is secured.


User-added image

Citrix StoreFront 2.0

Complete the following steps to change the base URL:

  1. Go to StoreFront and click Server Group on the left panel.

  2. Click Change Base URL on the right panel.

    User-added image

  3. Type the base url and click OK.

Citrix StoreFront 1.2


  • Before running this procedure, it is recommended to back up the StoreFront server by taking a snapshot (if it is a virtual server).

  • Run the PowerShell with Administrator rights and Unrestricted when executing the command.

  • When the PowerShell command is executed, Administrators can change the execution policy back to Restricted. For more information on how to change the Windows Execution Policy settings, click here.

Complete the following steps to change the base URL:

  1. Run PowerShell command using the Administrator rights.

  2. On the command prompt, type C:\Program Files\Citrix\Receiver StoreFront\scripts.

  3. Type Get-ExecutionPolicy.

  4. If the result is Restricted, type Set-ExecutionPolicy Unrestricted to change the result to Unrestricted.


    PS C:\Program Files\Citrix\Receiver StoreFront\scripts> Get-ExecutionPolicy
    PS C:\Program Files\Citrix\Receiver StoreFront\scripts> Set-ExecutionPolicy Unrestricted
    PS C:\Program Files\Citrix\Receiver StoreFront\scripts> Get-ExecutionPolicy

    User-added image

  5. After the execution policy is set to Unrestricted, type the following command:

    PS C:\Program Files\Citrix\Receiver StoreFront\scripts> .\SetHostBaseUrl.ps1

    Example after running the PowerShell command:

    PS C:\Program Files\Citrix\Receiver StoreFront\scripts> .\SetHostBaseUrl.ps1 ""
    Existing HostBaseUrl -
    New HostBaseUrl -
    Processing WebApplication : 1/Citrix/Authentication
    - setting routing HostBaseUrl
    - checking TokenManager service Authentication Token Producer
    - checking allowed audiences
    - replacing audience
    - updating token issuers
    - updating
    - checking TokenManager service Default Token Validation Service
    - checking allowed audiences
    - replacing audience
    - updating token issuers
    - updating
    Processing CredentialWallet : CredentialWallet
    Processing WebApplication2 : 1/Citrix/Roaming
    - setting routing HostBaseUrl
    - checking TokenManager service Roaming Consumer
    - checking allowed audiences
    - replacing audience
    - updating token issuers
    - updating
    - checking internal beacons
    - updating beacon 4af43272-2c79-457b-ad38-972e95ea8d8c
    - checking service records
    - updating Store:
    - checking internal beacons
    - updating beacon 4af43272-2c79-457b-ad38-972e95ea8d8c
    Processing WebApplication3 : 1/AGServices
    - setting routing HostBaseUrl
    Processing WebApplication4 : 1/Citrix/MyApps
    - setting routing HostBaseUrl
    - checking TokenManager service Dazzle Resource Consumer
    - checking allowed audiences
    - replacing audience
    - updating token issuers
    - updating
    - updating Discovery endpoints and service record
    Processing WebApplication5 : 1/Citrix/PNAgent
    - setting routing HostBaseUrl
    - updating legacy PNA support
    Processing WebReceiver : 1/Citrix/MyAppsWeb
    - updating Receiver for Web
    PS C:\Program Files\Citrix\Receiver StoreFront\scripts>

    Note: Step 6 is optional.

  6. When the PowerShell command execution is complete, the Citrix StoreFront console might still display the following message on the Authentication, Stores, or Receiver for Web site nodes:

    User-added image

    Ignore this message since all connections to StoreFront uses HTTP/SSL when either using Receiver connections to the store(s) or connecting through the web browser site.

    You can fix this console behavior by re-creating the following nodes:

    • Authentication

    • Store(s)

    • Receiver for Web site(s)

Important: Removing any of the three nodes affects the existing or new users trying to connect to StoreFront server using Citrix Receiver or web browser site.

For example, if you remove the Authentication service, the user will be unable to login to the StoreFront. This will remove any of the three authentication modes you have selected (Username and Password, Domain Pass-through, or Pass-through from Citrix Access Gateway). In addition, it will remove the Citrix Credential Wallet Service and Authentication Virtual Directory .



There is no specific sequence to remove the nodes, however, it is recommended to remove the nodes in the following sequence:

  • Remove any Receiver for Web site(s).

  • Remove any Store(s).

  • Remove the Authentication service.

When removed, recreate the nodes in the following sequence:

  • Create Authentication service.

  • Create Store(s).

  • Before creating the Receiver for Web site, click Refresh. If no site was created automatically, create one manually.


The above mentioned sample code is provided to you as is with no representations, warranties or conditions of any kind. You may use, modify and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that (a) the sample code may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the sample code fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the sample code. In no event should the code be used to support of ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SAMPLE CODE, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Although the copyright in the code belongs to Citrix, any distribution of the code should include only your own standard copyright attribution, and not that of Citrix. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the code.

Applicable Products

Automatic translation

Important: Non-English versions of this article are translated by an automatic translation system (also referred to as Machine Translation, or MT) and have not been translated or reviewed by a person. Citrix offers a machine translated version of this article to allow for greater access to the support content. However, automatic translation is not always perfect and may contain vocabulary, syntax or grammar errors. Citrix is not responsible for inconsistencies, errors or damage incurred as a result of the use of machine translated articles. Thank you.

Traduction automatique

Important : cet article a été traduit par un système de traduction automatique (également appelé Traduction automatique ou TA) et n'a pas été vérifié par des spécialistes. Citrix propose une traduction automatique de cet article afin de permettre à toute personne ne maîtrisant pas l'anglais d'accéder au contenu de l'assistance. Toutefois, la traduction automatique n'étant pas parfaite, elle peut contenir des erreurs de terminologie, de syntaxe ou de grammaire. Citrix n'est pas responsable des incohérences, erreurs ou dommages pouvant résulter de l'utilisation par nos clients d'articles TA.

Automatische vertaling

Belangrijk: Dit artikel is vertaald door een automatisch vertalingssysteem (ook Machine Translation of MT genoemd) en is niet vertaald of beoordeeld door mensen. Citrix biedt een machine-vertaalde versie van dit artikel aan om een betere toegang mogelijk te maken tot de support-inhoud. Automatisch vertalen werkt echter niet altijd perfect en het resultaat kan fouten bevatten in de woordkeuze, syntaxis of grammatica. Citrix is niet verantwoordelijk voor inconsistenties, fouten of schade als gevolg van het gebruik van MT-artikelen door onze klanten.

Maschinelle Übersetzung

Wichtig: Dieser Artikel wurde mit einem maschinellen Übersetzungssystem und ohne jegliche Bearbeitung durch Personen übersetzt. Citrix bietet maschinelle Übersetzungen von Artikeln an, damit Benutzer umfassenden Zugriff auf Support-Inhalte haben. Maschinelle Übersetzungen enthalten jedoch möglicherweise Fehler in Bezug auf Terminologie, Syntax und Grammatik. Citrix übernimmt keine Verantwortung für Inkonsistenzen, Fehler oder Schäden, die aus der Verwendung von maschinell übersetzten Artikeln durch Kunden resultieren.


重要提示:本文是由自动翻译系统翻译完成的(也称为“机器翻译”或 MT),未经人工翻译或审查。Citrix 提供本文的机器翻译版本是为了方便更多人访问支持内容。然而,自动翻译的文章并不总是完美的,可能存在词汇、语法或文法方面的错误。对于因客户使用机器翻译文章导致出现的不一致、错误或损害,Citrix 不承担任何责任。



Tradução automática

Importante: este artigo foi traduzido por um sistema de tradução automática (também conhecido por Machine Translation ou MT) e não foi traduzido nem revisado por pessoas. A Citrix oferece uma versão traduzida por máquina deste artigo para permitir maior acesso ao conteúdo de suporte. No entanto, a tradução automática não é sempre perfeita, podendo conter erros de vocabulário, sintaxe ou gramática. A Citrix não se responsabiliza por inconsistências, erros ou danos incorridos como resultado do uso de artigos de MT de nossos clientes.

Traducción automática

Importante: Este artículo ha sido traducido por un sistema de Traducción automática (también llamada MT o Machine Translation) sin intervención de un traductor humano. Citrix ofrece la traducción automática de este artículo para ampliar el acceso a la información de asistencia técnica. No obstante, la traducción automática no es perfecta y puede contener errores de vocabulario, sintaxis y gramática. Citrix no se hace responsable de cualquier imprecisión, error o daño ocasionados por el uso que hagan nuestros clientes de los artículos traducidos automáticamente.
Was this helpful?
Thank you for your feedback

Share your comments or find out more about this topic

Citrix Forums