Skip to content

Commit 3a0afcf

Browse files
matt6697matt6697
committed
Citrix XML Service SSL offloading on IIS
Configure SSL offloading on IIS Default web site and forward the request to Citrix XML services listening on port 80
1 parent 58a52fa commit 3a0afcf

5 files changed

Lines changed: 62 additions & 7 deletions

File tree

files/iis_requestRouter_amd64.msi

1.98 MB
Binary file not shown.

files/iis_rewrite_amd64_en-US.msi

5.77 MB
Binary file not shown.

manifests/install.pp

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,4 +56,37 @@
5656
require => File["C:\\Program Files\\WindowsPowerShell\\Modules\\sqlserver_powershell_21.0.17199.zip"]
5757
}
5858

59+
#Install IIS addons required for Citrix XML service offloading to IIS.
60+
dsc_file{ 'IISaddons':
61+
dsc_destinationpath => 'C:\IISaddons',
62+
dsc_type => 'Directory',
63+
dsc_ensure => 'Present'
64+
}
65+
66+
file{ "C:\\IISaddons\\iis_rewrite_amd64_en-US.msi":
67+
source => 'puppet:///modules/xd7mastercontroller/iis_rewrite_amd64_en-US.msi',
68+
source_permissions => ignore,
69+
require => File['IISaddons']
70+
}->
71+
72+
dsc_package{'iis_rewrite_amd64_en-US':
73+
dsc_ensure => 'Present',
74+
dsc_name => 'IIS URL Rewrite Module 2',
75+
dsc_productid => '38D32370-3A31-40E9-91D0-D236F47E3C4A',
76+
dsc_path => 'C:\\IISaddons\\iis_rewrite_amd64_en-US.msi',
77+
}
78+
79+
file{ "C:\\IISaddons\\iis_requestRouter_amd64.msi":
80+
source => 'puppet:///modules/xd7mastercontroller/iis_requestRouter_amd64.msi',
81+
source_permissions => ignore,
82+
require => File['IISaddons']
83+
}->
84+
85+
dsc_package{'iis_rewrite_amd64_en-US':
86+
dsc_ensure => 'Present',
87+
dsc_name => 'Microsoft Application Request Routing 3.0',
88+
dsc_productid => '279B4CB0-A213-4F94-B224-19D6F5C59942',
89+
dsc_path => 'C:\\IISaddons\\iis_requestRouter_amd64.msi',
90+
}
91+
5992
}

manifests/sslconfig.pp

Lines changed: 16 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
class xd7mastercontroller::sslconfig inherits xd7mastercontroller {
22
if $https {
3+
#Donwload and import SSL certificate in WebHosting store
34
dsc_file{ 'SSLCert':
45
dsc_sourcepath => $sslCertificateSourcePath,
56
dsc_destinationpath => 'c:\SSL\cert.pfx',
@@ -14,7 +15,8 @@
1415
dsc_credential => {'user' => 'cert', 'password' => $sslCertificatePassword },
1516
require => Dsc_file['SSLCert']
1617
}
17-
18+
19+
#Configure IIS HTTPS binding (remove HTTP binding)
1820
dsc_xwebsite{ 'DefaultWebSite':
1921
dsc_name => 'Default Web Site',
2022
dsc_physicalpath => 'C:\inetpub\wwwroot',
@@ -27,11 +29,18 @@
2729
require => Dsc_xpfximport['ImportSSLCert']
2830
}
2931

30-
registry_value { 'HKLM\SOFTWARE\Citrix\DesktopServer\XmlServicesSslPort':
31-
ensure => present,
32-
type => 'dword',
33-
data => '443',
34-
require => Dsc_xd7features ['XD7DeliveryController']
35-
}
32+
#Configure SSL offloading on IIS Default web site and forward the request to Citrix XML services listening on port 80
33+
file{'c:/inetpub/wwwroot/web.config':
34+
ensure => file,
35+
content => template('xd7mastercontroller/web.config.erb')
36+
}
37+
38+
#Configure Citrix XML Service SSL port
39+
registry_value { 'HKLM\SOFTWARE\Citrix\DesktopServer\XmlServicesSslPort':
40+
ensure => present,
41+
type => 'dword',
42+
data => '443',
43+
require => Dsc_xd7features ['XD7DeliveryController']
44+
}
3645
}
3746
}

templates/web.config.erb

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<configuration>
3+
<system.webServer>
4+
<rewrite>
5+
<rules>
6+
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
7+
<match url="(.*)" />
8+
<action type="Rewrite" url="http://<%= @fqdn %>/{R:1}" />
9+
</rule>
10+
</rules>
11+
</rewrite>
12+
</system.webServer>
13+
</configuration>

0 commit comments

Comments
 (0)