- This topic is empty.
16. October 2013 at 21:56 #8026
I have searched through the messages, and tried everything I found, but can still not get a T50 to work with PNAgent in Citrix.
On the XenApp server side, I’m getting the following in the error log: “SSL handshake from client failed” I am running FW1.027 on the T50. I have tried with .ini and with local setup to no avail. an ICA client will work, as will running it through the Citrix WI in Chrome browser. I have tried full path (https://citrix.domain.com/Citrix/PNAgent/PNAgent.xml and without the PNAgent.xml). I have tried citrix.domain.com Force HTTPS, no Force HTTPS. And just about every combination of options that I can find in the ini reference, and I still get the “SSL handshake from client failed” on the server side. The client side is merely “authentication failure”.
I have also tried DHCP Option 181 with the FQDN and IP address – same result.
I have enabled pass through authentication on the PNAgent as well as the Web Interface side.
I have also tried importing the cert (.pfx) and that didnt help either.
Does anyone have any suggestions? I feel like Im missing something very simple, somewhere, and hope a fresh set of eyes will help.
Below is the server side details.
Xen App Servers:
Citrix XenApp for Windows, Advanced Edition 6.5.0 Build 6682 (No Service Packs), Hotfix XA650W2K8R2X664R01 (All Servers)
Windows 2008 R2 Remote Desktop Servers with SP1
XenApp Web SiteXenApp Services Site:
Windows 2008 R2 SP1
Citrix Web Interface Gateway: 18.104.22.168
Citrix Secure Gateway: 3.3.1
Cliff19. October 2013 at 14:39 #24324ConfGenKeymaster
- Total Post: 9812
- Jedi Master
First you should update to latest T50 build 1.028.
CG22. October 2013 at 22:39 #24332
I should have stated that earlier I tried to push 1.028 to this device, and while it acted like it was going to upgrade, it didnt – and no errors in WDM either, so I gave up, because the release notes didnt appear to be relevant.
Anyway, today, I used the USB tool and pushed 1.028. I re-tried and same result: authentication failure.23. October 2013 at 12:30 #24333
Also, I determined the “SSL Client Handshake” error that I saw in the Citrix error logs is unrelated. When I watched the timestamps, they did not match attempts at authentication from the T50.24. October 2013 at 11:16 #24337ConfGenKeymaster
- Total Post: 9812
- Jedi Master
But you are trying to connect directly to the PNAgent site and not via CSG, aren’t you?
CG25. October 2013 at 12:29 #24348
1. We’d like to connect through CSG, but that doesn’t appear to work. Using CSG we get an authentication failure message each time.
2. It doesn’t appear to work if we are connecting with the Certificate loaded to the Website instead of CSG either. We can authenticate and see the list of apps, but they won’t launch.12. November 2013 at 1:16 #24388
Does anyone have any ideas? I have it working over HTTP on the LAN, but still cannot use HTTPS. This becomes a problem if they ever need to be used off-site – which is a real possibility as they are located in a hurricane-prone area.
I appreciate any suggestions.13. November 2013 at 1:39 #24389
HTTPS with PNAgent is a known issue on the T50. I will re-post when they have a solution.
- You must be logged in to reply to this topic.