Citrix Systems 10 manual SSL Relay, Configuring SSL/TLS

Page 60

60	Client for Macintosh Administrator’s Guide

•From the ICA Client Editor Options menu, choose Default Settings.

•Click Default Settings in the ICA Client Editor.

2.On the Making a Connection > Server Location pane, click Firewalls to open the Firewalls Settings dialog box.

3.Type the fully qualified domain name of the Secure Gateway server and the port number, if not 443.

4.Click OK, then Save.

To specify a Secure Gateway server (Relay mode) for a connection file

1.In the ICA Client Editor, open the connection file you want to edit.

2.From the Security tab, clear the Proxy > Use Default check box.

3.Click Firewall Settings.

4.Type the fully qualified domain name of the Secure Gateway server and the port number, if not 443.

5.Click OK.

SSL Relay

You can use SSL Relay to secure communications between the following:

•An SSL/TLS-enabled client and a server

•Devices running Presentation Server and the Web Interface

For information about configuring and using SSL Relay, see the Presentation Server documentation. For information about configuring Web Interface to use SSL/TLS encryption, see the Web Interface Administrator’s Guide.

Configuring SSL/TLS

TLS is the standardized form of SSL. Both are cryptographic security protocols designed to ensure the integrity and privacy of data transfers across public networks.

SSL and TLS are configured in the same way and use the same certificates. When you enable SSL and TLS, each time you initiate a connection the client tries to use TLS first, then tries SSL. If it cannot connect with SSL, the connection fails and an error message appears.

There are three main steps involved in setting up SSL/TLS:

1.Set up SSL Relay on the devices running Presentation Server or the Web Interface and obtain and install the necessary server certificate. See the

Image 60

Contents Citrix Presentation Server Client for Macintosh, Version Copyright and Trademark Notice Contents Chapter Chapter Configuring the User Interface Index How to Use this Guide Before You BeginWho Should Use this Guide Accessing Product Documentation Before You Begin Client for Macintosh Administrator’s Guide Overview ArchitectureUsing the Client Client for Macintosh Features New Features at This ReleaseConnection Features User Interface FeaturesSecurity Features Mapping Features Performance Improvement FeaturesPage Client for Macintosh Administrator’s Guide Installing the Client for Macintosh To install the client from the Citrix Web siteDeploying the Client for Macintosh System RequirementsUninstalling the Client for Macintosh Configuring Connections to Servers and Applications About Connection FilesStarting the ICA Client Editor To start the ICA Client EditorCreating a Basic Connection File To create a connection fileIdentifying a Desktop or Application to Connect to To configure a master browser for an individual connection Server Address boxTo find the application or desktop to connect to Choose either Server or Published ApplicationConfiguring Business Recovery and Server Groups To configure a business recovery server groupMapping Client Devices Mapping Client DrivesTo turn drive mapping off for a specific connection file Drive Mapped toMapping Client COM Ports Mapping Client Audio To map a client COM portTo turn client audio on or off on a server To turn audio mapping on for a specific connectionConfiguring the Server Opening a File in a Specific ApplicationExtended Parameter Passing Server Drive MappingConfiguring the Client Client Drive MappingAssociating the file type Configuring Connections to Servers and Applications Client for Macintosh Administrator’s Guide Starting an ICA Session To start an ICA sessionOpening a Specific Application Using a Connection File To specify application properties for a connection fileTo print using the Macintosh Print dialog box PrintingTo turn printing off for a specific connection file Reconnecting to Servers after a Disconnection Session ReliabilityTo turn session reliability on for a specific connection Making Keystrokes with Macintosh Keyboards PC key Macintosh optionsChoose Keyboard Send Function Key Control/Alt About Client Keyboard Support Using a Mouse Option-Escapeequal signConfiguring the User Interface To configure the default window propertiesWindow Properties Showing and Hiding the Menu Bar and Dock To specify the window properties for a particular connectionConfiguring Sound Support Audio Mapping Configuring HotkeysTo configure the default alert beep setting Playing Windows Alert BeepsUsing Japanese Hotkeys To change the default hotkeysUsing Japanese Keyboards To configure default keyboard layout and type settingsTo map Kotoeri hotkeys Solving Japanese Keyboard Problems To enable the Kanji Bango hotkey and Caps Lock keyImproving Performance Compressing DataCaching Images To configure the default settings for disk caching Reducing Display Latency Changing Your Client Configuration Improving Performance Over a Low-Bandwidth ConnectionChanging the Way You Use the Client Client for Macintosh Administrator’s Guide Integrating the Client with Security Solutions Configuring the Client to Work with a Proxy ServerSpecifying the Proxy Server Manually Click Firewall Settings Detecting Proxy Details AutomaticallyIntegrating the Client with the Secure Gateway or SSL Relay Secure GatewayConfiguring SSL/TLS SSL RelayInstalling Root Certificates on Clients Configuring the Client to Use SSL/TLSConnecting to a Server through a Firewall Using Encryption Client for Macintosh Administrator’s Guide Index Client for Macintosh Administrator’s Guide Index67 SSL/TLS+HTTPS