-
-
Save ennisa-ire/dcde64f3ab8bcfb75e433eb2cfd226f3 to your computer and use it in GitHub Desktop.
The installation of the client
- First you need to down load your certs. For me this meant loggin into the secure gateway. (vpn gateway).
https://remoteaccess.aib.ie
- Right clicking on the "green lock" icon from the browser, and exporting all three certiicates. I saved them in a tmp folder.
ae@ae-Unknow:~/ICAClient/linuxx86/util$ sudo cp ~/tmp/*.crt /opt/Citrix/ICAClient/keystore/cacerts/
ae@ae-Unknow:~/ICAClient/linuxx86/util$ sudo cp ~/tmp/*.crt ~/ICAClient/linuxx86/keystore/cacerts/
- link the mozilla folder to
sudo ln -s /usr/share/ca-certificates/mozilla /opt/Citrix/ICAClient/keystore/cacerts
- then rehash both folders
sudo c_rehash /usr/share/ca-certificates/mozilla/ ~/ICAClient/linuxx86/keystore/cacerts/
Notes
-
Full ubuntu doc here
https://help.ubuntu.com/community/CitrixICAClientHowTo -
Verisign trusted root store is available here...
wget http://www.symantec.com/content/en/us/enterprise/verisign/roots/roots.zip
Instead of exporting from browser, you could get the certs here? and copy them over to /opt/Citrix/ICAClient/keystore/cacerts/
There are many SSL provides.
- Let’s Encrypt
Idea is that the provider will provide a client that you install on the server, pi in this case, and the client will then retrieve the certs for you, via the browser.
Theres two kinds, the self signed , and the trusted authority kind.
https://www.youtube.com/watch?v=yjZOyANmKWU Excellent Turoiral
- Domain Name : iot-tech.ie
- IP Address or web server:
- Public key : local.crt
- Private key : local.key
Browser: Get Certs from provider
- domain name already set up! AND it is pointing at your IP address
- IP Address cannot have a certified SSL Certificate.
Providers
- https://www.blacknight.com/security/ssl/?cn-reloaded=1
- Lets encrypt.
- Before you start what ports is your server listing on netstat -tupan
- mod_ssl is not installed? then do and restart htppd. yum install mod_ssl
- Is 433 open on your router.
Windows Native Go to windows features, enable the linux subsystem
or Install from windows store https://msdn.microsoft.com/en-us/commandline/wsl/install_guide
Docker Approach https://www.docker.com/products/docker-toolbox https://docs.docker.com/get-started/
LXC Approach