Remote PowerShell SDK failed with HTTPS certificate error

Article ID: CTX335361

Description

Get-BrokerMachine or any other Remote PowerShell SDK cmdlet returns the following message:

An error occurred while making the HTTP request to https://<CONNECTOR_SERVER_FQDN>/Citrix/SdkRouter/. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.

+ Get-BrokerMachine -MaxRecordCount 5000 | ? { $_.DesktopGroupName -eq ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-BrokerMachine], SdkOperationException
+ FullyQualifiedErrorId : Citrix.XDPowerShell.Broker.UnexpectedException,Citrix.Broker.Admin.SDK.GetBrokerMachineCommand

Resolution

Enforce TLS 1.2 communication by running the following PowerShell cmdlet:

New-ItemProperty -path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -name 'SchUseStrongCrypto' -value '1' -PropertyType 'DWord' -Force | Out-Null
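
A read-only check of the setting above, as an added example that is not part of the original article or Citrix's own code: it reports SchUseStrongCrypto under the article's key and whether the current session offers TLS 1.2. The Wow6432Node path (the 32-bit registry view of the same key) and the function names are assumptions added here.

```powershell
# Added example: audits the .NET strong-crypto setting; it changes nothing.
# First path is the key from the article. Second path is the 32-bit registry
# view of that key (assumption added here; it matters only when the SDK is
# loaded in a 32-bit PowerShell host).
$paths = @(
    'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319'
)

function Get-StrongCryptoState {
    param([string[]]$Path)
    foreach ($p in $Path) {
        $value = $null
        if (Test-Path -Path $p) {
            # A missing value is reported as $null instead of raising an error.
            $item = Get-ItemProperty -Path $p -Name 'SchUseStrongCrypto' -ErrorAction SilentlyContinue
            if ($item) { $value = $item.SchUseStrongCrypto }
        }
        [pscustomobject]@{
            Key                = $p
            SchUseStrongCrypto = $value
            Compliant          = ($value -eq 1)
        }
    }
}

function Test-SessionTls12 {
    # SecurityProtocol is a flags enum. 0 means SystemDefault (the OS picks
    # the protocol); otherwise the Tls12 bit must be present.
    $current = [Net.ServicePointManager]::SecurityProtocol
    $bits    = [int]$current
    $tls12   = [int][Net.SecurityProtocolType]::Tls12
    [pscustomobject]@{
        SessionProtocols = $current
        SystemDefault    = ($bits -eq 0)
        Tls12Offered     = ($bits -eq 0) -or (($bits -band $tls12) -ne 0)
    }
}

Get-StrongCryptoState -Path $paths | Format-Table -AutoSize
Test-SessionTls12 | Format-List
```

Run it in a PowerShell session opened after the registry change, since an already running process keeps the protocol defaults it started with.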

Problem Cause

Citrix Cloud supports only TLS 1.2 and above. If the Remote PowerShell SDK server is running with the default protocol, the cmdlet fails with the certificate mismatch error.

Additional Information

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs#enabling-strong-authentication-for-net-applications

https://support.citrix.com/article/CTX245765