In my future articles, I am going to write about Skype for Business(SFB) Front End Pool Load Balancing via Citrix Netscaler VPX. In order to do it, we need to import SFB SAN certificate into Netscaler. Windows certificates can not be imported on NetScaler in PFX format, so we must first convert the certificate to PEM format.
Open MMC console, add Certificates Snap-in(choose local computer store), then go to Personal Certificates in find your SAN certificate. ( I am using SAN certificate from GoDaddy.) Right click on certificate, All Tasks&Export
Choose Yes, export the private key:
Store it on local drive:
Now login to Netscaler and make sure SSL Offloading is enabled. (Under Configure Basic Features)
Then go to SSL\Tools\Import PKCS#12
Type Oupout name, in my case SFB_FE_certificate.cer, in PKCS12 file, browse for PFX from you local drive, type password, choose DES3 encoding format and type your passphrase. Hit OK.
Under Manage Certificates / Keys / CSRs you will be able to see newly imported certificate, but we are not done yet.
Now go to SSL\Certificates and hit Install
Choose imported CER file:
Certificate is now imported:
In second part, I will show you how to import server certificate for Intermediate Certificate Authority and bind it to SAN certificate.