Many Citrix Secure Gateway implementations are old and based upon 1024 bit encryption. So when you get the email notification about your certificate soon expires you find out that it’s no longer possible to renew a 1024 bit certificate.
The procedure for creating a new 2048 bit or higher is quite fast and simple as long as you know how to do it. Below I show you the way.
First off create a new website, in the example above I’ve used the name NewCertSite.
Then right click the new site, select Properties and navigate to the Directory Security tab.
Finally start Citrix Secure Gateway Configuration Wizard and select the new certificate. If you’re unsure just click the View button to see the certificate information.
Warning: Any active connections to the Citrix Secure Gateway will be closed when you save the new configuration. If you’re upgrading remotely make sure you have e.g. an active TeamViewer session with the Secure Gateway server.