Bug in Netscaler 11, PFX lost after reboot

So I recently got aware that Netscaler 11 has a serious bug that after a Netscaler is rebooted the PFX certificate is removed from the Netscaler http://discussions.citrix.com/topic/367451-server-certificate-lost-after-reboot-ns-110/ even if the config is saved.

I decided to do a little digging on my lab enviroment, after imported a new PFX certificate with Pkey and attaching it to a LB server, as shown here.

I saved the config and I can also see that the certificate is listed here under SSL – Certificates

image

After a reboot, I can clearly see that the certificate is not installed, even thou it is still on the file system.

image

image

Wierd thing is that I can see from comparison of the saved config and the running config that the only thing that is missing are these two lines, which actually installed the certificate.

image

Now the fix is pretty simple as Carl listed on the forum, convert the PFX to PEM format and it seems to work, but still I have forwarded this to Citrix to get some clarity…

Leave a Reply

Scroll to Top