Citrix NetScaler Certficates – Creating a Private RSA
| Step | Description | Screenshot |
| 1 | Log into the NetScaler web interface |  |
| 2 | Expand traffic management
Right Click SSL And select Enable Feature Note: The yellow exclamation will disappear when the feature is enabled |
Disabled
Enabled
|
| 3 | Expand SSL > SSL Files > and click the button Create RSA Key |  |
| 4 | In this example we will enter the details shown:
Then click Create |
Key filename: gateway.jsconsulting.services.privatekey 
Key Size(bits)*: 2048 Public Exponent Value: F4 Key Format: PEM PEM Encoding Algorithm: DES3 PEM & Confirm Password: <mypassword> Note: the larger the key size the more CPU will be used encrypting and decrypting the certificates DES3 is simply DES applied 3 times (so in theory it’s more secure) |
| 5 | Note: The private key should be downloaded and stored away from the NetScaler device (especially if the NetScaler is stored in a DMZ). This is in case the NetScaler device is compromised in any way. If your private keys are lost or compromised you would have to revoke your existing certificates and new certificates should be generated. | |
