Secure Flag not set for Cookies generated by Netscaler if Vserver is part of Persistence Group

Secure Flag not set for Cookies generated by Netscaler if Vserver is part of Persistence Group

Secure Flag not set for Cookies generated by Netscaler if Vserver is part of Persistence Group

book

Article ID: CTX209064

calendar_today

Updated On:

Description

We need to have the NSC_ cookies using the Secure and HttpOnly flag set, however Secure flag is not set by NetScaler.

Resolution

This is the expected behavior when Persistence Groups are configured.

Problem Cause

NetScaler will not set the Secure flag when using Persistence Groups.

Issue/Introduction

Secure Flag not set for Netscaler cookies for Vservers part of Persistence Group.

Additional Information

Enforce the HttpOnly flag on authentication cookies: https://docs.netscaler.com/en-us/netscaler-gateway/current-release/vpn-user-config/enforce-httponly-flag-on-authentication-cookies

Use case: How to force Secure and HttpOnly cookie options for websites using the NetScaler appliance: https://docs.netscaler.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/load-balancing/force-secure-and-httponly-cookie-options.html

HTTP cookie persistence (Encrypting the Cookie): https://docs.netscaler.com/en-us/citrix-adc/current-release/load-balancing/load-balancing-persistence/http-cookie-persistence#encrypting-the-cookie

Was this article helpful?

thumb_up Yes

thumb_down No