SIGNIFLOW

Discover our signature platform: sign and request signature for your PDFs in a fex clicks!

JOIN OUR AFFILIATE NETWORK

Join our affiliate network
and become a local SSL expert
Learn more about our program

PRODUCTS TO DISCOVER

SSL certificates Invoice signature eIDAS certificates Signature software

Menu
picture of tbs certificates
picture of tbs certificates
Certificates
ALL CERTIFICATES
SSL Extended Validation SSL Standard RGS certificates eIDAS certificates SSL ECC SSL wildcard SSL Multiple sites / SAN Quick and Dirty SSL
Specific certificates VMC certificates
E-signature Strong authentication S/MIME certificates
Test certificates PKI Solutions Trust Seals
SigniFlow: the platform to sign and request signature for your documents
Signature software
Our products range
TBS X509 DigiCert Thawte Sectigo GlobalSign GeoTrust Certigna ChamberSign SigniFlow Harica
Partners
Client login Customer accounts Open an account
Support
FAQ SHA256: Browsers' compatibility ECC: Browsers' compatibility
Focus
Invoices dematerialization
We now provide solutions compliant with RGS** and eIDAS qualified standards for invoices signature and time stamping. Further information


Install a certificate for Citrix Netscaler

Using FTP Over SSL Citrix NetScaler allows to install a certificate in different formats, whether .pfx, .pem or .cer with the private key in a separate file. We will see together its different methods.

Installation of the certificate in PFX format

Note: : in the context of a renewal, you must remember to remove the link from the current certificate. To do this, right click on your certificate and click on "Unbind". Only then will you be able to install your new certificate.

If you have generated your CSR using our online KeyBot tool, you can generate your certificate in PFX format by clicking on the "Generate PFX / PEM" button available from the status page of your certificate.
If your CSR was generated with another tool like OpenSSL, you can generate a PFX using our documentation: Build a PFX with OpenSSL

  1. Log in to the NetScaler administration panel

  2. Go to Traffic Management -> SSL -> Certificates -> Server Certificates and click on Install

  3. Enter a name for your certificate and search for your file in pfx format (by choosing the option Locale after clicking on the arrow to the right of Choose File

  4. Enter the password of your PFX file and click on Install

Installation of the certificate in .cer format and of the private key

1) Import the certificate and the private key

  1. Log on to the NetScaler administration panel

  2. Go to Traffic Management -> SSL -> Certificates -> Server Certificates and click on Install

  3. Enter a name for your certificate and search for your file in .cer format

  4. Find your private key generated during your certificate request (.key or .pkey format)

  5. Click on Install

2) Import the certificates constituting the certification chain (old procedure for Citrix Netscaler v8)

  1. Import the PEM file holding the server certificate and its private key. We assume here that the private key and CSR have been geneted under an other equipment (IIS or Apache)

  2. If your certificate has been delivered along with a certification chain, import individualy this chain through one or several files (one certificate per PEM file) at the same place but named differently (with the function 'add' and without specifying any private key)

  3. then, click the Link button to link the certificate and the first intermediate, then the first with the second and so on.

Save the configuration to apply it.

Test!

3) Bind the certificate to a Virtual Server

After importing your certificate, you must bind to a virtual server.

  1. Using FTP Over SSL In the configuration utility, on the Configuration tab, expand "NetScaler Gateway" and click onVirtual Servers

  2. In the "Details" panel, click on a virtual server and Open

  3. In the "Certificates" tab, under "Available", select a certificate, click onAdd and Ok

Information : if you get an error message like "Invalid private key, or PEM pass phrase required for this private key" when importing, it is possible that invisible control characters are present in the key. To do this from the Netscaler Shell (or from a terminal with OpenSSL), type the following command:

openssl rsa -in current_private_key.key -out new_private_key.key

Useful Links

Official documentation:

Non-official documentation: