One excellent feature of Citrix NetScaler is SSL Offload. To configure SSL offloading, you must enable SSL processing on the NetScaler appliance and configure an SSL based virtual server that will intercept SSL traffic, decrypt the traffic, and forward it to a service that is bound to the virtual server.
Step 1: Enable SSL
System -> Settings -> Configure Basic Features
Step 2: Create a Back-end
Traffic Management -> Load Balancing -> Servers -> Click Add
Step 3: Create a Services
We are running a HTTP service, using the default of port 80 on the previously created server object.
Traffic Management -> Load Balancing -> Services Services -> Add
Step 4: Create a vServer
Traffic Management -> Load Balancing -> Virtual Servers -> Add
Step 5: Bind the SSL key pair to the SSL vserver
Step 6: Select the certificate of Web Server.
Step 7: Now add in the vServer previously created.
Step 8: Select the vServer.
Step 9: Click Done
Step 10: Check if your Load balance is UP.
Step 11: Let’s test our SSL offload configuration.
If you hit the VIP the NetScaler is presenting on HTTPS, it converts it to HTTP.
For more details: https://docs.citrix.com/en-us/netscaler/12/ssl/config-ssloffloading.html
Leave a Reply