I have configured a web resource / link to a Citrix WebInterface (v4.6) using the Citrix web template.
The ICA clients are non-java and we selected to tunnel the traffic thru JSAM.
As specified in the documentation, I have listed the MetaFrame servers and it's port numbers, and also the csg (citrix secure gateway) server that is in use during the launch of applications on the webInterface. Everything looks fine until I try to start an application, -then I get the following error:
"Cannot connect to the Citrix Presentation server.
SSL Error 59: The server sent a security certificate identifying "csg.ourdomain.com", the SSL connection was to "127.0.2.3".
All different kinds of logs just say that it closes the connection to the csg.ourdomain.com server.
2008-08-29 17:05:33 Connected to csg.ourdomain.com port 443
2008-08-29 17:05:33 Closed connection to csg.ourdomain.com port 443 after 1 seconds, with 995 bytes read (in 2 chunks) and 240 bytes written (in 2 chunks)
Our system version is 6.2R1, (build 13255)
I have sent this to support but I do not get any good answers.
When i use WSAM instead of JSAM it works fine.
Any ideas anyone?
Solved! Go to Solution.
JSAM cannot be used to tunnel data towards a Citrix farm that uses a csg-server. So this wasn't a bug or anything, but a matter of non-compatible configurations on Citrix vs Juniper
This is an error generated when the Presentation Server receives a SSL session initiation in which the URL does not match the name of the certificate on the server. I'm guessing that the JSAM Citrix implementation accesses the Presentation Server as 127.0.2.3 instead of csg.ourdomain.com.
This looks like a Juniper error to me. Push on JTAC. It should be simple for them to recreate the error.
A number of other people on the forum have commented on the bugginess of V6.2r1. I think 6.2r2 is imminent. You may want to try that.