Secure XML traffic between StoreFront and Delivery Controller

Article ID: CTX218986

Description

This article provides guidance through the end-to-end process of securing XML traffic.


Instructions

Prerequisites

  • Create or import suitable certificates. See CVAD documentation - Manage certificates.
  • Create a snapshot of the StoreFront servers and Delivery Controllers before making any changes to production environments.
  • Perform these actions during non-business hours to avoid user impact.

Steps

  1. Configure the delivery controllers with the certificate. See CVAD documentation - Configuring SSL/TLS listener port.
  2. If necessary, install the trusted root certificate on each StoreFront server. See CVAD documentation - Trusting certificates.
  3. To configure StoreFront to connect to the delivery controller over HTTPS, see StoreFront documentation - Add sites for Citrix Virtual Apps and Desktops.
  4. If you are using a NetScaler Gateway for remote access and your delivery controllers as STA servers, configure StoreFront to retrieve STA tickets over HTTPS. See StoreFront documentation - Configure Citrix Gateways.
  5. Configure your NetScaler gateways to redeem STA tickets over HTTPS.
  6. If you have multiple servers in the server group, propagate the change to all servers. If you have multiple server groups, apply the changes to each server group.
  7. Disable HTTP access on the delivery controllers. See CVAD documentation - Enforce HTTPS traffic only.
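
Before disabling HTTP in step 7, it is worth confirming from each StoreFront server that every delivery controller completes a TLS handshake with a certificate that StoreFront trusts (steps 1 and 2). The PowerShell below is an added example, not part of the Citrix article or product; the controller FQDNs, port 443 and the 30-day expiry threshold are assumptions to replace with your own values.

```powershell
# Added example: run on each StoreFront server after steps 1-2.
# Controller FQDNs and the port are placeholders/assumptions, not values from the article.
$Controllers = @('ddc01.example.internal', 'ddc02.example.internal')
$HttpsPort   = 443
$WarnDays    = 30   # flag certificates expiring within this many days

function Test-ControllerTls {
    param(
        [Parameter(Mandatory)][string]$HostName,
        [int]$Port = 443
    )
    $result = [ordered]@{
        Controller = $HostName; Trusted = $false; Protocol = $null
        Subject = $null; NotAfter = $null; DaysLeft = $null; Error = $null
    }
    $client = [System.Net.Sockets.TcpClient]::new()
    try {
        $client.Connect($HostName, $Port)
        # No custom validation callback is supplied, so SslStream enforces the
        # default policy: the chain must build to a root trusted on this server
        # and the certificate name must match $HostName. Failure throws.
        $ssl = [System.Net.Security.SslStream]::new($client.GetStream(), $false)
        try {
            $ssl.AuthenticateAsClient($HostName)
            $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
            $result.Trusted  = $true
            $result.Protocol = $ssl.SslProtocol
            $result.Subject  = $cert.Subject
            $result.NotAfter = $cert.NotAfter
            $result.DaysLeft = [int]($cert.NotAfter - (Get-Date)).TotalDays
        } finally { $ssl.Dispose() }
    } catch {
        # Covers connection failures as well as trust or name-mismatch errors.
        $result.Error = $_.Exception.GetBaseException().Message
    } finally { $client.Dispose() }
    [pscustomobject]$result
}

$report = $Controllers | ForEach-Object { Test-ControllerTls -HostName $_ -Port $HttpsPort }
$report | Format-Table Controller, Trusted, Protocol, DaysLeft, Error -AutoSize

# Any untrusted or soon-to-expire certificate should be fixed before HTTP is disabled.
$problems = $report | Where-Object { -not $_.Trusted -or $_.DaysLeft -lt $WarnDays }
if ($problems) { Write-Warning "$(@($problems).Count) controller(s) need attention before step 7." }
```

Use the same FQDNs that StoreFront is configured with in step 3, because the name check is made against the host name passed to the function.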

 

Issue/Introduction

This article describes step by step how to secure XML traffic on CVAD Delivery Controllers and StoreFront (including all certificate enrollment).