Cannot access a Netscaler logon page via Internet Explorer via HTTPS
April 3, 2013 Leave a comment
If you are using Netscalers for load balancing and cannot access the GUI console via HTTPS, this may be because you are using the Netscaler built-in self signed certificate. At the end of 2012, Microsoft pushed out a windows update that requires all SSL certs for be 1024bits minimum and the self-signed certificate is 512bit. Have a look for the windows update KB2661254.
http://support.citrix.com/article/CTX135480
The symptoms you will see are that you cannot click on the Continue to this website (not recommended) link despite you knowing that the certificate is unsigned. Internet explorer will not give you a valid error message, but will just refuse to do anything.
To fix this:
- Install a real SSL certificate on the Netscaler
- Redo the self-signed certificate as 1024bit as per the Citrix article above
- Use Chrome or Firefox that do not enforce this requirement at time of writing