Storefront 2.1 – Step by Step from install to secure (2/3)

This article is a part of a series of three where I describe the installation of 2 storefront servers, secured, load balanced and accessed from external network.

The Storefront servers installation is covered in the first article.

In this article, we will cover the certificate creation on NetScaler.

2/3 Create a Load Balancer on NetScaler

Let’s assume that you have :

• An SSL certificate for your site (storefront.domain.com) in 2 formats: .pfx and .cer.
• A NetScaler with basic configuration (installed, connected and configured with a NetScaler IP).

First of all, we are going to import the certificates in the NetScaler. Connect to your NetScaler via a Web browser. Under Traffic Management / SSL, in Tools, choose Import PKCS#12.

Fill in the form:

• Name: yourCertDomain.key is a good choice. So you’ll can find it easier later.
• Upload your *.pfx file.
• Import password is the password to decrypt the *.pfx file.
• Enter a passphrase to secure the private key.

Note: pay attention to specific character in the import password or passphrase. I’ve faced error with @ character in password because openssl doesn’t support it.

After valdating, go to Manage Certificates / keys / CSRs. A window pops up. You have to upload your CER format certificate here. You can delete the previously uploaded *.pfx file because we have already extract a private key and don’t need *.pfx anymore.

Let’s now create the certificate under SSL / certificates choose Install.

• Certificate-key pair name: here again, I recommend to use the certificate fqdn.
• Certificate file name: find the previously uploaded CER certificate.
• Key file name: find the priate key made from the *.pfx file.

Your certificate is now imported. We are ready to run the Access Gateway assistant. We will discuss it in the last article of this series.