Management, Security

NetScaler VPX – management certificate

René Jorissen on October 9, 2015 0 Comments • Tags: #certificate #management #netscaler #ssl #vpx

I would like to upgrade my current NetScaler VPX Express configuration via GUI. For some security reason Internet Explorer and FireFox aren’t able to access the GUI. They return the error message that the NetScaler is using a wrong SSL certificate.

The default SSL self-signed certificate is installed on the appliance. I have uploaded a “real” certificate to content switch and load balancing. I would like to use the same certificate for GUI management. To change the certificate, access the NetScaler via SSH.

Check the current certificate run the following command and you will get the following output.

sh run | grep “bind ssl service”
bind ssl service nshttps-::1l-443 -certkeyName ns-server-certificate
bind ssl service nsrpcs-::1l-3008 -certkeyName ns-server-certificate
bind ssl service nskrpcs-127.0.0.1-3009 -certkeyName ns-server-certificate
bind ssl service nshttps-127.0.0.1-443 -certkeyName ns-server-certificate
bind ssl service nsrpcs-127.0.0.1-3008 -certkeyName ns-server-certificate

If you would like to see all your available certificate enter the following command.

> sh run | grep “ssl certKey”
add ssl certKey ns-server-certificate -cert ns-server.cert -key ns-server.key
add ssl certKey wildcart-booches-nl -cert sslcert-wildcard-booches-nl.pem -key passwd-private-wildcard-1route-nl.pem -passcrypt “adfadf&*fU=”
add ssl certKey root-booches -cert cacert.pem

I would like to bind the certificate “wildcard-booches-nl”, so I use the following commands to bind the certificate to the different management services.

bind ssl service nskrpcs-127.0.0.1-3009 -certkeyName wildcard-booches-nl
bind ssl service nshttps-127.0.0.1-443 -certkeyName wildcard-booches-nl
bind ssl service nsrpcs-127.0.0.1-3008 -certkeyName wildcard-booches-nl

The following two tabs change content below.

René Jorissen

Co-owner and Solution Specialist at 4IP Solutions
René Jorissen works as Solution Specialist for 4IP in the Netherlands. Network Infrastructures are the primary focus. René works with equipment of multiple vendors, like Cisco, Aruba Networks, FortiNet, HP Networking, Juniper Networks, RSA SecurID, AeroHive, Microsoft and many more. René is Aruba Certified Edge Expert (ACEX #26), Aruba Certified Mobility Expert (ACMX #438), Aruba Certified ClearPass Expert (ACCX #725), Aruba Certified Design Expert (ACDX #760), CCNP R&S, FCNSP and Certified Ethical Hacker (CEF) certified. You can follow René on Twitter and LinkedIn.

Latest posts by René Jorissen (see all)

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.