Access key error when adding AWS EC2 URL on hosting resource

Access key error when adding AWS EC2 URL on hosting resource

book

Article ID: CTX249831

calendar_today

Updated On:

Description

In Citrix studio -> Hosting node, if you want to add AWS EC2 as the hosting connection, after you enter your API key, secret key and the connection name, you may encounter SSL error or below error message in the following Scenario: 
 "An error occurred with your API key and secret key combination. Ensure that you enter them correctly"

Scenario 1:
Using proxy server to connect to the external network

Scenario 2:
Using other EC2 connection, which is different URL from "https://ec2.amazonaws.com" 
 

Resolution

If you need to add EC2 connection with different URL or you have to connect to internet via proxy server, please create EC2 hosting connection manually with PowerShell rather than Citrix Studio.
  1. Launch PowerShell from DDC host and load all Citrix modules: 
asnp citrix* 
  1. Configure environment variables for proxy server and port:
$server = "<PROXY_SERVER>" 
$port = "<PROXY_SERVER_PORT>" 
$options = "ProxyHost=$server,ProxyPort=$port" 

Note: Replace both <PROXY_SERVER> and <PROXY_SERVER_PORT> with your own one.
  1. Run below 2 commands to add AWS EC2 hosting connection:
$hyp= New-Item -Path xdhyp:\Connections -AdminAddress "localhost" -Name “AWSEC2” -ConnectionType "AWS" -HypervisorAddress @("https://<AWS_URL>"") -UserName "APIkey" -Password "Secret key" -Metadata @{ "Citrix_MachineManagement_Options" = $options } -Persist 

New-BrokerHypervisorConnection -HypHypervisorConnectionUid $hyp.HypervisorConnectionUid

Note: Replace <AWS_URL> with your own one.
  1. Launch Citrix Studio and check hosting connect to verify whether AWS EC2 site has been generated.

Problem Cause

In Citrix Studio Hosting node, the default address string for EC2 connection is hard coded as "https://ec2.amazonaws.com", which is a global endpoint URL.
In case, AWS service is not able to route endpoint URL to your own one, access keys (Access Key ID and Secret Access Key) can not be verified.
 

Additional Information

For more details on how to connect to AWS see:  https://docs.citrix.com/en-us/citrix-daas/install-configure/connections/connection-aws.html