Citric ADC – ADFS Load Balance Monitor Probes for ADFS3.0/ADFS Proxy/WAP

ADFS Load Balance Monitor Probes for ADFS3.0/ADFS Proxy/WAP

Bind SSL Certificate to all IP Address of Server and not just the DNS Name (This must be completed on both ADFS Proxy as well as ADFS Internal Servers:-

  1. Open a Command Prompt as administrator
  2. Run the following command:
    netsh http show sslcert
  3. You will see a list of SSL Certificate bindings.
  4. Mark and copy the ‘Certificate Hash’ value.
  5. Mark and copy the ‘Application ID’ value.
  6. Now run the following command, where you insert the noted ‘Certificate Hash’ and ‘Application ID’ values (from step 4,5)
    netsh http add sslcert ipport=0.0.0.0:443 certhash=Insert_Certificate_Hash_Here appid={Insert_Application_ID_here}

Create a new Netscaler monitor 

ADFS Internal:-

Type:  HTTP-EVS

Destination Port: 443

Special Parameters~:

Send String:  GET /federationmetadata/2007-06/federationmetadata.xml

Recieve String :[hostname.domainname.com/adfs/services/trust

 

ADFS Proxy

Type:  HTTP-EVSDestination Port: 443Special Parameters~: Send String:  GET /federationmetadata/2007-06/federationmetadata.xmlRecieve String :[hostname.domainname.com/adfs/services/trust

Customer Header: [hostname.domainname.com]\r\n

Leave a Reply