60

Client for Macintosh Administrator’s Guide

From the ICA Client Editor Options menu, choose Default Settings.

Click Default Settings in the ICA Client Editor.

2.On the Making a Connection > Server Location pane, click Firewalls to open the Firewalls Settings dialog box.

3.Type the fully qualified domain name of the Secure Gateway server and the port number, if not 443.

4.Click OK, then Save.

To specify a Secure Gateway server (Relay mode) for a connection file

1.In the ICA Client Editor, open the connection file you want to edit.

2.From the Security tab, clear the Proxy > Use Default check box.

3.Click Firewall Settings.

4.Type the fully qualified domain name of the Secure Gateway server and the port number, if not 443.

5.Click OK.

SSL Relay

You can use SSL Relay to secure communications between the following:

An SSL/TLS-enabled client and a server

Devices running Presentation Server and the Web Interface

For information about configuring and using SSL Relay, see the Presentation Server documentation. For information about configuring Web Interface to use SSL/TLS encryption, see the Web Interface Administrator’s Guide.

Configuring SSL/TLS

TLS is the standardized form of SSL. Both are cryptographic security protocols designed to ensure the integrity and privacy of data transfers across public networks.

SSL and TLS are configured in the same way and use the same certificates. When you enable SSL and TLS, each time you initiate a connection the client tries to use TLS first, then tries SSL. If it cannot connect with SSL, the connection fails and an error message appears.

There are three main steps involved in setting up SSL/TLS:

1.Set up SSL Relay on the devices running Presentation Server or the Web Interface and obtain and install the necessary server certificate. See the

Page 60
Image 60
Citrix Systems 10 manual SSL Relay, Configuring SSL/TLS