Citrix Access Gateway Certificate Format
I got a call a few days ago to renew the certificate on a Citrix Access Gateway appliance. The appliance was very - and I mean very - old so I had my hands full... After I found out that the proper software for management was installed on the Web Interface servers, I requested the certificate in PFX format in order to get the private key too and scheduled the change for after hours since it requires a restart of the devices. When I tried to install the certificate, the appliances refused to accept it. Then I recalled an article I've read a long time ago, where the author mentioned that the certificate has to be in PEM format and not PFX. After a google search, I found this article on the Citrix Knowledge Center that describes the process of converting a PFX file to PEM for that purpose. All you have to do is to download the openssl binaries and execute the following command in order to convert the file: openssl pkcs12 -in c:\certs\yourcert.pfx -out c:\certs\cag.pem –no